c351d36338dd490e995da8de0b7fe66b840553684be4fb5f162a08d58f054a6a | Triage

Sharing

General

Target

c351d36338dd490e995da8de0b7fe66b840553684be4fb5f162a08d58f054a6a
Size

6.2MB
Sample

220521-ajq96aach7
MD5

bbad4c70c803fcb697b51c3d9fd0061a
SHA1

cf7840b27734c8121dddcd1a030e17a728d862a5
SHA256

c351d36338dd490e995da8de0b7fe66b840553684be4fb5f162a08d58f054a6a
SHA512

5a37647d79d99d0833906f370e5364030bc634cfc3541c65557ec80ba169c4e14f4a50893cdf9d4cfab91cbbcd497caaf9a7f4c3cbc332d0191af351d41efdb7

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  c351d36338dd490e995da8de0b7fe66b840553684be4fb5f162a08d58f054a6a
- Size
  
  6.2MB
- MD5
  
  bbad4c70c803fcb697b51c3d9fd0061a
- SHA1
  
  cf7840b27734c8121dddcd1a030e17a728d862a5
- SHA256
  
  c351d36338dd490e995da8de0b7fe66b840553684be4fb5f162a08d58f054a6a
- SHA512
  
  5a37647d79d99d0833906f370e5364030bc634cfc3541c65557ec80ba169c4e14f4a50893cdf9d4cfab91cbbcd497caaf9a7f4c3cbc332d0191af351d41efdb7
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2