d2c7981831fb449e109e9f9787017a275bfe542203ae9eaf8b2e9d5eac5b9488

Target

Size

5MB

Sample

220520-2q2s1saham

Score

7 ^/10

MD5

c2529e5adae819ad0c9285bae4d27a9a

SHA1

cc066793bd6167243bfd751be82567b150421ca4

SHA256

d2c7981831fb449e109e9f9787017a275bfe542203ae9eaf8b2e9d5eac5b9488

SHA512

dff6d2c871ba42fac7808ae3865b7972815c6d1c9520791c1b7d9412d8dc72dea1dc731d5547b1ee73768710a18f1a09b10ec6a5ea7772af9743ba5201046bbb

Target

d2c7981831fb449e109e9f9787017a275bfe542203ae9eaf8b2e9d5eac5b9488

MD5

c2529e5adae819ad0c9285bae4d27a9a

Filesize

5MB

Score

7^/10

SHA1

cc066793bd6167243bfd751be82567b150421ca4

SHA256

d2c7981831fb449e109e9f9787017a275bfe542203ae9eaf8b2e9d5eac5b9488

SHA512

dff6d2c871ba42fac7808ae3865b7972815c6d1c9520791c1b7d9412d8dc72dea1dc731d5547b1ee73768710a18f1a09b10ec6a5ea7772af9743ba5201046bbb

Signatures

Loads dropped DLL
Reads user/profile data of web browsers
Description

Infostealers often target stored browser data, which can include saved credentials etc.
Tags

spyware stealer

TTPs

Data from Local SystemCredentials in Files
Looks up external IP address via web service
Description

Uses a legitimate IP lookup service to find the infected system's external IP.

Related Tasks

behavioral1 behavioral2

Collection

Data from Local System

Command and Control

Credential Access

Credentials in Files

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

pyinstaller

3^/10

behavioral1

spyware stealer

7^/10

behavioral2

spyware stealer

7^/10

Tags

Signatures

Loads dropped DLL

Reads user/profile data of web browsers

Description

Tags

TTPs

Looks up external IP address via web service

Description

Related Tasks

static1

behavioral1

behavioral2