23e688569cd83f678cb34072356d0c6771823674cec068b39379835d6b80c4fe | Triage

Sharing

General

Target

23e688569cd83f678cb34072356d0c6771823674cec068b39379835d6b80c4fe
Size

5.4MB
Sample

220520-gmtysafhdj
MD5

be326ce4403d85537122c48c68344745
SHA1

75c4e1f9af7e930a4b28d798eecc50a439f01c35
SHA256

23e688569cd83f678cb34072356d0c6771823674cec068b39379835d6b80c4fe
SHA512

bcfda9ea07bb20a66fa5481a2a4920c96ff077910fc7a0c16f8bd7759858d02833171bfbec2b1cbcd3f1af254c3c9de5730529bf6585f8e39d4e268584ba4d08

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  23e688569cd83f678cb34072356d0c6771823674cec068b39379835d6b80c4fe
- Size
  
  5.4MB
- MD5
  
  be326ce4403d85537122c48c68344745
- SHA1
  
  75c4e1f9af7e930a4b28d798eecc50a439f01c35
- SHA256
  
  23e688569cd83f678cb34072356d0c6771823674cec068b39379835d6b80c4fe
- SHA512
  
  bcfda9ea07bb20a66fa5481a2a4920c96ff077910fc7a0c16f8bd7759858d02833171bfbec2b1cbcd3f1af254c3c9de5730529bf6585f8e39d4e268584ba4d08
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2