poullight | d67160c55ef2a362bb4d2d6a4b625ba9e70faba676b2f0e8c6fb67bf3c69c8db | Triage

Submit
Reports

Overview

overview

Static

static

d67160c55e...db.exe

windows7_x64

d67160c55e...db.exe

windows10-2004_x64

5

Sharing

General

Target

d67160c55ef2a362bb4d2d6a4b625ba9e70faba676b2f0e8c6fb67bf3c69c8db
Size

1.1MB
Sample

220524-r11nlaacgk
MD5

ac3c74a419d6c61c9f18aec6da2e7000
SHA1

2a3f031f0922cd78d3796b680f3112e36ac7da6c
SHA256

d67160c55ef2a362bb4d2d6a4b625ba9e70faba676b2f0e8c6fb67bf3c69c8db
SHA512

54b7cac2bfbef5a6f7ba01e7d9b3754d8adcc1a3ff99a121e5848ebcab7601863c0f7e2f5b97d1493f0808c576ebcab205ae8dd1539acb98c43e2e0d3c04a08e

Score

10^/10

poullight spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

d67160c55ef2a362bb4d2d6a4b625ba9e70faba676b2f0e8c6fb67bf3c69c8db.exe

Resource

win7-20220414-en

poullight spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

d67160c55ef2a362bb4d2d6a4b625ba9e70faba676b2f0e8c6fb67bf3c69c8db.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  d67160c55ef2a362bb4d2d6a4b625ba9e70faba676b2f0e8c6fb67bf3c69c8db
- Size
  
  1.1MB
- MD5
  
  ac3c74a419d6c61c9f18aec6da2e7000
- SHA1
  
  2a3f031f0922cd78d3796b680f3112e36ac7da6c
- SHA256
  
  d67160c55ef2a362bb4d2d6a4b625ba9e70faba676b2f0e8c6fb67bf3c69c8db
- SHA512
  
  54b7cac2bfbef5a6f7ba01e7d9b3754d8adcc1a3ff99a121e5848ebcab7601863c0f7e2f5b97d1493f0808c576ebcab205ae8dd1539acb98c43e2e0d3c04a08e
Score

10^/10

poullight spyware stealer trojan
- Poullight
  Poullight is an information stealer first seen in March 2020.
  trojan stealer poullight
- Poullight Stealer Payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

poullightspywarestealertrojan

behavioral2

© 2018-2024

Terms | Privacy