f894747a8304c97231ab8daa14042c3b6e0cbcaa663ec1ccf368e8578cee703f | Triage

Submit
Reports

Overview

overview

7

Static

static

3

Handler.exe

windows7-x64

7

Handler.exe

windows10-2004-x64

7

Sharing

General

Target

Handler.exe
Size

14.0MB
Sample

230331-ydr69sch38
MD5

e49220d87ac77b34c560a104aab93029
SHA1

5fee0d29cf13f57d25630aafc1a4bb618217908a
SHA256

f894747a8304c97231ab8daa14042c3b6e0cbcaa663ec1ccf368e8578cee703f
SHA512

701bd886ffc820105b3e852d22ec7cd6c686ce11501580950ee7b0f2cde6c31c88ecccd67947a4946ed0f3194e23ba488f60619b0e8e45acd3192671162a73eb
SSDEEP

393216:q0XUEdQuslN/m3pqq96voWOv+9fIWBJHsJmF3zvHO:/dQu4KhQvorvSQ06mFDvu

Score

7^/10

pyinstaller spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Handler.exe

Resource

win7-20230220-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

Handler.exe

Resource

win10v2004-20230220-en

spyware stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  Handler.exe
- Size
  
  14.0MB
- MD5
  
  e49220d87ac77b34c560a104aab93029
- SHA1
  
  5fee0d29cf13f57d25630aafc1a4bb618217908a
- SHA256
  
  f894747a8304c97231ab8daa14042c3b6e0cbcaa663ec1ccf368e8578cee703f
- SHA512
  
  701bd886ffc820105b3e852d22ec7cd6c686ce11501580950ee7b0f2cde6c31c88ecccd67947a4946ed0f3194e23ba488f60619b0e8e45acd3192671162a73eb
- SSDEEP
  
  393216:q0XUEdQuslN/m3pqq96voWOv+9fIWBJHsJmF3zvHO:/dQu4KhQvorvSQ06mFDvu
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy