4c29fb510cbf9f9ccc9f17ee35cee857173db79055bf1f7140551b956e7a702d | Triage

Sharing

General

Target

4c29fb510cbf9f9ccc9f17ee35cee857173db79055bf1f7140551b956e7a702d
Size

6.7MB
Sample

220520-z1n9kagecr
MD5

e5add66413d0531613aaa334c8ab0208
SHA1

90f50ce4965ae425f8674d629e6b203111de5fe7
SHA256

4c29fb510cbf9f9ccc9f17ee35cee857173db79055bf1f7140551b956e7a702d
SHA512

6752ebadf2fdaea11dba578610ea39e567358733a7de9d7d07079180dba1a967fdfb86a9d59ead277445bad9197ac94e60ae4119faa9310223e60f9824ba0ae6

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  4c29fb510cbf9f9ccc9f17ee35cee857173db79055bf1f7140551b956e7a702d
- Size
  
  6.7MB
- MD5
  
  e5add66413d0531613aaa334c8ab0208
- SHA1
  
  90f50ce4965ae425f8674d629e6b203111de5fe7
- SHA256
  
  4c29fb510cbf9f9ccc9f17ee35cee857173db79055bf1f7140551b956e7a702d
- SHA512
  
  6752ebadf2fdaea11dba578610ea39e567358733a7de9d7d07079180dba1a967fdfb86a9d59ead277445bad9197ac94e60ae4119faa9310223e60f9824ba0ae6
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2