6730bcc662748089f3e8455e76fc5ffa263040ce85684f20e69d458cad4ecf1a | Triage

Sharing

General

Target

6730bcc662748089f3e8455e76fc5ffa263040ce85684f20e69d458cad4ecf1a
Size

6.6MB
Sample

220525-bsr4gsaadk
MD5

a36b8cda76b7b89ff63471cd07563539
SHA1

2de89e3ad8d37935115a19da008874f123f12da6
SHA256

6730bcc662748089f3e8455e76fc5ffa263040ce85684f20e69d458cad4ecf1a
SHA512

49ff67bda2daa3ab1d015184640084a512fde8836b73f8b91de1414aaa39d41f2d83c8c7dfda97da7a7b256464ca269e333a20900c5c484c488163b123d82473

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  6730bcc662748089f3e8455e76fc5ffa263040ce85684f20e69d458cad4ecf1a
- Size
  
  6.6MB
- MD5
  
  a36b8cda76b7b89ff63471cd07563539
- SHA1
  
  2de89e3ad8d37935115a19da008874f123f12da6
- SHA256
  
  6730bcc662748089f3e8455e76fc5ffa263040ce85684f20e69d458cad4ecf1a
- SHA512
  
  49ff67bda2daa3ab1d015184640084a512fde8836b73f8b91de1414aaa39d41f2d83c8c7dfda97da7a7b256464ca269e333a20900c5c484c488163b123d82473
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2