General

  • Target

    exo.exe

  • Size

    13.2MB

  • Sample

    230322-ah6nfsdh37

  • MD5

    1b9d206a3e69aa8922b727d06d64cb35

  • SHA1

    af6b03ba00361c8b168c1353857bc2a5bbd1c6f9

  • SHA256

    706bdb1130802a0d59ade60afc12e342080361805454b51a25b57ca565c4a969

  • SHA512

    f4343dacf252922ca7fd53905a7fba6867e33518a4dc65809d153d6eb754cafa020b869f0e17519b497da636e422aaf4753255630d45addff204c4b90e552500

  • SSDEEP

    393216:FBkFThaHVCEDd/m3pfJ83a10w7/XdwWwstlcBZ:FBknaHVCEDdKBEaDtwjUc

Targets

    • Target

      exo.exe

    Score: 7/10

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
