0bb0f209e50b87a21dd65f0eeac7128e96026fb7ace4d9b9223d2b28f0eb702a | Triage

Submit
Reports

Overview

overview

9

Static

static

0bb0f209e5...2a.exe

windows7-x64

9

0bb0f209e5...2a.exe

windows10-2004-x64

9

Sharing

General

Target

0bb0f209e50b87a21dd65f0eeac7128e96026fb7ace4d9b9223d2b28f0eb702a
Size

436KB
Sample

221123-vrftlshg56
MD5

5383411fd564aae161291016199915d2
SHA1

01a31f6b8bcf556cc77caa089cbaa7696613c61e
SHA256

0bb0f209e50b87a21dd65f0eeac7128e96026fb7ace4d9b9223d2b28f0eb702a
SHA512

fc310a9db9bd446a2fb5b30047ca00cbb2e0efe35a5e9537c684cc8e8da286f95fcec8adeda245b91ab9046c2162b5807d60bf684a04dbfb906e1ce9eb4057e9
SSDEEP

12288:xUbCGn0F45IAuMZWaRCd2aUwsdN5mne/zfMM3H3dcr2v:6bC4XuMZWwaU5lMM9Xv

Score

9^/10

spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

0bb0f209e50b87a21dd65f0eeac7128e96026fb7ace4d9b9223d2b28f0eb702a.exe

Resource

win7-20220901-en

spyware stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

0bb0f209e50b87a21dd65f0eeac7128e96026fb7ace4d9b9223d2b28f0eb702a.exe

Resource

win10v2004-20220812-en

spyware stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  0bb0f209e50b87a21dd65f0eeac7128e96026fb7ace4d9b9223d2b28f0eb702a
- Size
  
  436KB
- MD5
  
  5383411fd564aae161291016199915d2
- SHA1
  
  01a31f6b8bcf556cc77caa089cbaa7696613c61e
- SHA256
  
  0bb0f209e50b87a21dd65f0eeac7128e96026fb7ace4d9b9223d2b28f0eb702a
- SHA512
  
  fc310a9db9bd446a2fb5b30047ca00cbb2e0efe35a5e9537c684cc8e8da286f95fcec8adeda245b91ab9046c2162b5807d60bf684a04dbfb906e1ce9eb4057e9
- SSDEEP
  
  12288:xUbCGn0F45IAuMZWaRCd2aUwsdN5mne/zfMM3H3dcr2v:6bC4XuMZWwaU5lMM9Xv
Score

9^/10

spyware stealer
- NirSoft WebBrowserPassView
  Password recovery tool for various web browsers
- Nirsoft
- Executes dropped EXE
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy