053e7603d2776f39c17d74cd5a095d2fa4727ce019cb91274c135be4b9732358 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

Document.exe

windows10-1703-x64

7

Resubmissions

07-09-2022 19:58

220907-ypwc3achd3 7

03-08-2021 09:41

210803-sp73xlckl2 10

Sharing

General

Target

Document.exe
Size

14.1MB
Sample

220907-ypwc3achd3
MD5

5210735409235c1aaf674fefddd33e35
SHA1

7c75657618cdeb21eedd587d960a608c4ead60f1
SHA256

053e7603d2776f39c17d74cd5a095d2fa4727ce019cb91274c135be4b9732358
SHA512

e382f86366f1a5dc7f665dd19e48410e69614cced4b5cb2deabec58e4b948906d34df42195010ea3a58e5c63579f042b0b6eb8e2f70c99d9b013d776f098985d
SSDEEP

393216:HlCtPYZxlHOFyCEDmlh2pNH2ciIrHWiCecGa9+L9:HPBzCEDUQpNkILexGog

Score

7^/10

pyinstaller spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Document.exe

Resource

win10-20220812-en

spyware stealer

windows10-1703-x64

16 signatures

300 seconds

Malware Config

Targets

- Target
  
  Document.exe
- Size
  
  14.1MB
- MD5
  
  5210735409235c1aaf674fefddd33e35
- SHA1
  
  7c75657618cdeb21eedd587d960a608c4ead60f1
- SHA256
  
  053e7603d2776f39c17d74cd5a095d2fa4727ce019cb91274c135be4b9732358
- SHA512
  
  e382f86366f1a5dc7f665dd19e48410e69614cced4b5cb2deabec58e4b948906d34df42195010ea3a58e5c63579f042b0b6eb8e2f70c99d9b013d776f098985d
- SSDEEP
  
  393216:HlCtPYZxlHOFyCEDmlh2pNH2ciIrHWiCecGa9+L9:HPBzCEDUQpNkILexGog
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops desktop.ini file(s)
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy