poullight | fe75c6dd720394044ce6f42835d73af170ee8a0c4dc937781c0bcb1abe823571 | Triage

Submit
Reports

Overview

overview

Static

static

fe75c6dd72...71.exe

windows7_x64

fe75c6dd72...71.exe

windows10-2004_x64

Sharing

General

Target

fe75c6dd720394044ce6f42835d73af170ee8a0c4dc937781c0bcb1abe823571
Size

100KB
Sample

220524-w9dbwahcbj
MD5

9afb72148ccd26b39a6627ce80881f52
SHA1

edaf644e5115a920909ed2c40b38f7aafeb22d9f
SHA256

fe75c6dd720394044ce6f42835d73af170ee8a0c4dc937781c0bcb1abe823571
SHA512

806ad09c08bdd9646ca2165a2f18282840403e4c46462735dbe20442e762b4974896d508cec0e863e95bc3a4fe743f5921e0d676fa72a443619fab652aec3106

Score

10^/10

poullight spyware stealer suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

fe75c6dd720394044ce6f42835d73af170ee8a0c4dc937781c0bcb1abe823571.exe

Resource

win7-20220414-en

poullight spyware stealer suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

fe75c6dd720394044ce6f42835d73af170ee8a0c4dc937781c0bcb1abe823571.exe

Resource

win10v2004-20220414-en

poullight spyware stealer suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  fe75c6dd720394044ce6f42835d73af170ee8a0c4dc937781c0bcb1abe823571
- Size
  
  100KB
- MD5
  
  9afb72148ccd26b39a6627ce80881f52
- SHA1
  
  edaf644e5115a920909ed2c40b38f7aafeb22d9f
- SHA256
  
  fe75c6dd720394044ce6f42835d73af170ee8a0c4dc937781c0bcb1abe823571
- SHA512
  
  806ad09c08bdd9646ca2165a2f18282840403e4c46462735dbe20442e762b4974896d508cec0e863e95bc3a4fe743f5921e0d676fa72a443619fab652aec3106
Score

10^/10

poullight spyware stealer suricata trojan
- Poullight
  Poullight is an information stealer first seen in March 2020.
  trojan stealer poullight
- Poullight Stealer Payload
- suricata: ET MALWARE Trojan Generic - POST To gate.php with no accept headers
  suricata: ET MALWARE Trojan Generic - POST To gate.php with no accept headers
  suricata
- suricata: ET MALWARE Trojan Generic - POST To gate.php with no referer
  suricata: ET MALWARE Trojan Generic - POST To gate.php with no referer
  suricata
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

poullightspywarestealersuricatatrojan

behavioral2

poullightspywarestealersuricatatrojan

© 2018-2024

Terms | Privacy