63cb7def296c5d609d3cc8be545b79de02e385937c437e3b7d7b749cce828f49

Target

Size

9MB

Sample

220520-wtzj6sbfd4

Score

7 ^/10

MD5

0fbcb355e951c62f4120a03408b1f1c0

SHA1

9a5ebc255d9aea0b3da86e10f58dfefb307a7e03

SHA256

63cb7def296c5d609d3cc8be545b79de02e385937c437e3b7d7b749cce828f49

SHA512

b589075924ff1b011597047bd3335b65944f65d5d91c575e26912e28e32184cbb28792a2da265fc5da5870ccf257daab1459ffc306fc3a7434e85d9e866136cb

Target

63cb7def296c5d609d3cc8be545b79de02e385937c437e3b7d7b749cce828f49

MD5

0fbcb355e951c62f4120a03408b1f1c0

Filesize

9MB

Score

7^/10

SHA1

9a5ebc255d9aea0b3da86e10f58dfefb307a7e03

SHA256

63cb7def296c5d609d3cc8be545b79de02e385937c437e3b7d7b749cce828f49

SHA512

b589075924ff1b011597047bd3335b65944f65d5d91c575e26912e28e32184cbb28792a2da265fc5da5870ccf257daab1459ffc306fc3a7434e85d9e866136cb

Signatures

Loads dropped DLL
Reads user/profile data of web browsers
Description

Infostealers often target stored browser data, which can include saved credentials etc.
Tags

spyware stealer

TTPs

Data from Local SystemCredentials in Files
Looks up external IP address via web service
Description

Uses a legitimate IP lookup service to find the infected system's external IP.

Related Tasks

behavioral1 behavioral2

Collection

Data from Local System

Command and Control

Credential Access

Credentials in Files

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

pyinstaller

3^/10

behavioral1

spyware stealer

7^/10

behavioral2

spyware stealer

7^/10

Tags

Signatures

Loads dropped DLL

Reads user/profile data of web browsers

Description

Tags

TTPs

Looks up external IP address via web service

Description

Related Tasks

static1

behavioral1

behavioral2