5f6ec57fb7d9280aebf50847640de3738c28f0b682ba1a46cba635676a4a9777 | Triage

Resubmissions

01-04-2023 16:38

230401-t5jlzsbc22 7

01-04-2023 16:34

230401-t25eaabb79 7

Sharing

General

Target

NitroGo_Stable-v1.exe
Size

5.6MB
Sample

230401-t25eaabb79
MD5

b511a7b8ff9681cf9df705dbb8018441
SHA1

b5ad58deff41af0a10f4328da662412b5c218e21
SHA256

5f6ec57fb7d9280aebf50847640de3738c28f0b682ba1a46cba635676a4a9777
SHA512

0611d071384b72187c1e4cb2a94c3d21159d940b6aaf117f3563f69a521bc5aa5b75715c9f7c9b5d788a101e67e24c3c52fee812048ec19926c4266dce1c24e0
SSDEEP

98304:NPs+AB2uW5MI079g+DltLGMY8DI65KiaYGgQ30LJd2UqLjkLqp9TNXVbKwEi:NPqkL2V76+DXLZy7YM30LzajzpYt

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  NitroGo_Stable-v1.exe
- Size
  
  5.6MB
- MD5
  
  b511a7b8ff9681cf9df705dbb8018441
- SHA1
  
  b5ad58deff41af0a10f4328da662412b5c218e21
- SHA256
  
  5f6ec57fb7d9280aebf50847640de3738c28f0b682ba1a46cba635676a4a9777
- SHA512
  
  0611d071384b72187c1e4cb2a94c3d21159d940b6aaf117f3563f69a521bc5aa5b75715c9f7c9b5d788a101e67e24c3c52fee812048ec19926c4266dce1c24e0
- SSDEEP
  
  98304:NPs+AB2uW5MI079g+DltLGMY8DI65KiaYGgQ30LJd2UqLjkLqp9TNXVbKwEi:NPqkL2V76+DXLZy7YM30LzajzpYt
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1