b77e78c2957de70e5796a41876fd9c702531b398379f9f1c77b1ba20ef2f9aad | Triage

Sharing

General

Target

b77e78c2957de70e5796a41876fd9c702531b398379f9f1c77b1ba20ef2f9aad
Size

5.9MB
Sample

220525-ab3m8acde5
MD5

825e80d3501a520ee2c8886a5cbee7d2
SHA1

9a9b4b689ec6c8cea66f22f12da9b715bf50d75b
SHA256

b77e78c2957de70e5796a41876fd9c702531b398379f9f1c77b1ba20ef2f9aad
SHA512

2abc0c8f832d4e5946e5c1a0cde73cb11594a33379c2bcc20c23e869343760fa55aaaaf76e1017d994f7da99ebc2c6d3352cdfe5d7f00ff401cd33356547a589

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  b77e78c2957de70e5796a41876fd9c702531b398379f9f1c77b1ba20ef2f9aad
- Size
  
  5.9MB
- MD5
  
  825e80d3501a520ee2c8886a5cbee7d2
- SHA1
  
  9a9b4b689ec6c8cea66f22f12da9b715bf50d75b
- SHA256
  
  b77e78c2957de70e5796a41876fd9c702531b398379f9f1c77b1ba20ef2f9aad
- SHA512
  
  2abc0c8f832d4e5946e5c1a0cde73cb11594a33379c2bcc20c23e869343760fa55aaaaf76e1017d994f7da99ebc2c6d3352cdfe5d7f00ff401cd33356547a589
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2