d664d1d03de4af885ff4020765727e9d84d8655f3df6f69651765cb0c2f1efc7 | Triage

Sharing

General

Target

d664d1d03de4af885ff4020765727e9d84d8655f3df6f69651765cb0c2f1efc7
Size

9.5MB
Sample

220524-dnadzsdfa7
MD5

d52698b84b3d80bdad0b9ee540bff93a
SHA1

e2e2243bd70b804d6a2edb21bdc780c441af8ca8
SHA256

d664d1d03de4af885ff4020765727e9d84d8655f3df6f69651765cb0c2f1efc7
SHA512

4f104387f59885cb89bcf0faf40579ec80d559c4ecafc8a8b150d8ef86c6c29382b27ebceca2a4bf2696515bc2866c26dd971eaf14d73a08391d3f3a8466b944

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  d664d1d03de4af885ff4020765727e9d84d8655f3df6f69651765cb0c2f1efc7
- Size
  
  9.5MB
- MD5
  
  d52698b84b3d80bdad0b9ee540bff93a
- SHA1
  
  e2e2243bd70b804d6a2edb21bdc780c441af8ca8
- SHA256
  
  d664d1d03de4af885ff4020765727e9d84d8655f3df6f69651765cb0c2f1efc7
- SHA512
  
  4f104387f59885cb89bcf0faf40579ec80d559c4ecafc8a8b150d8ef86c6c29382b27ebceca2a4bf2696515bc2866c26dd971eaf14d73a08391d3f3a8466b944
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2