Overview

overview

7

Static

static

3

Setup.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Setup.exe

  • Size

    21.6MB

  • Sample

    220930-z4mj5sfhbr

  • MD5

    7f814d71e0918ad91268db37df3d219a

  • SHA1

    37cf287ea6f3f75bb81955c54f6377ab44a7694a

  • SHA256

    c4473a3aa2381bba779b990bb508a50341e43808432d1c9c10eb430b1066d424

  • SHA512

    ad1281fff4418b78e08a786059d8a2b405117802baaabceb35063c5b73fcfc3b66663e3f770e5750c97c3ccbcbab40924ef74f3b58eed66de1aa8b0c7b162fe6

  • SSDEEP

    393216:LxdyJhoonHWpOnz6L2Vmd6mI/m3pwc/eO47G99M9BJHOGJYwM7Ym4p/lJUgxb1:LzyJ+UHg4GyVmdSKwuP+1RYcDTxb1

Score
7/10
pyinstallerspywarestealer

Malware Config

Targets

    • Target

      Setup.exe

    • Size

      21.6MB

    • MD5

      7f814d71e0918ad91268db37df3d219a

    • SHA1

      37cf287ea6f3f75bb81955c54f6377ab44a7694a

    • SHA256

      c4473a3aa2381bba779b990bb508a50341e43808432d1c9c10eb430b1066d424

    • SHA512

      ad1281fff4418b78e08a786059d8a2b405117802baaabceb35063c5b73fcfc3b66663e3f770e5750c97c3ccbcbab40924ef74f3b58eed66de1aa8b0c7b162fe6

    • SSDEEP

      393216:LxdyJhoonHWpOnz6L2Vmd6mI/m3pwc/eO47G99M9BJHOGJYwM7Ym4p/lJUgxb1:LzyJ+UHg4GyVmdSKwuP+1RYcDTxb1

    Score
    7/10
    spywarestealer

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks