ff1a3fec6f631304d0701838a0550252430dec072b30e1bf272ee8d32454e477 | Triage

Sharing

General

Target

EveLauncher.exe
Size

111.2MB
Sample

221008-d17j9aebhn
MD5

616c9827737c2dd8bdc974f1cd8b17ba
SHA1

b70e13b147933cad8920c681dd7cc53778d06ab3
SHA256

ff1a3fec6f631304d0701838a0550252430dec072b30e1bf272ee8d32454e477
SHA512

d7e42707c6c635fbbdff09e4a90ed050d8e7391351cffe8735a72016ee490a73a934c50b59b8a1192c6d0aaecf8db61f9ce881a81c810b0b3e566313a838a5a3
SSDEEP

786432:d0LoCOn+2ls4urYDNulLBiuECrUVG56kSW6GV06lRWxqKAklSNjje//4nZ9wEEkR:dMoCm/lXw2cQb6J

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  EveLauncher.exe
- Size
  
  111.2MB
- MD5
  
  616c9827737c2dd8bdc974f1cd8b17ba
- SHA1
  
  b70e13b147933cad8920c681dd7cc53778d06ab3
- SHA256
  
  ff1a3fec6f631304d0701838a0550252430dec072b30e1bf272ee8d32454e477
- SHA512
  
  d7e42707c6c635fbbdff09e4a90ed050d8e7391351cffe8735a72016ee490a73a934c50b59b8a1192c6d0aaecf8db61f9ce881a81c810b0b3e566313a838a5a3
- SSDEEP
  
  786432:d0LoCOn+2ls4urYDNulLBiuECrUVG56kSW6GV06lRWxqKAklSNjje//4nZ9wEEkR:dMoCm/lXw2cQb6J
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Credentials in Files

Discovery

Process Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2