General

  • Target: main.exe
  • Size: 18.9MB
  • Sample: 230319-xx5q2ahg47
  • MD5: 3e15d4e73d737095f3c11991b42bffc7
  • SHA1: c82ce34e694ab15c4a341b8d732656fb2a172451
  • SHA256: cf08557e7f5edc4e9330f08c94b028152582df822de338ff1e37c24837b1cbfe
  • SHA512: e1dfea48ca702624a15743df2c7f5d857d7278649a0a440c8551122f73d4265c443137033aee12da88b59d825890590521524deb881c3235007bd4a66ca62365
  • SSDEEP: 393216:2u7L/B9QDDJx/lh2pLaUX47d40lxJ8lzdChdjYx:2CLJ8TQpLaUI7d409SKY

Malware Config

Targets

    Score: 7/10

    • Drops startup file
    • Loads dropped DLL
    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials etc.
    • Accesses cryptocurrency files/wallets, possible credential harvesting
    • Legitimate hosting services abused for malware hosting/C2
    • Looks up external IP address via web service
      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks