bd58c5f6860ae1a627337bc3cbc20707e7e935013a5bc8946d7a7dd1f5100671 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

hitomi_dow...UI.zip

windows7-x64

1

hitomi_dow...UI.zip

windows10-2004-x64

1

Readme.txt

windows7-x64

1

Readme.txt

windows10-2004-x64

1

hitomi_dow...UI.exe

windows7-x64

7

hitomi_dow...UI.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

hitomi_downloader_GUI.zip
Size

81.0MB
Sample

230515-p9fnnsfe27
MD5

b716d665101f4887d1604a6e1ce4bf8f
SHA1

c1a30f87e4c7f4fca5e7748fbfc382f772655a36
SHA256

bd58c5f6860ae1a627337bc3cbc20707e7e935013a5bc8946d7a7dd1f5100671
SHA512

6ef2661d5251eb4c38a766e9acb139f6564fa4057e1feb93b9fc697c26d8b0b6152af706c5069288b1227c930224d132ffd1f1db7e915907d534d6ee3365ef53
SSDEEP

1572864:vkVyeZIZdbw3eNo+1StioVcK7ofk24ScvKhjYV5ci44H2PVgGLGeWqPBMY:vkTIZdbwO187VSnhjwVWPVhCqJMY

Score

7^/10

pyinstaller spyware stealer upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

hitomi_downloader_GUI.zip

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

hitomi_downloader_GUI.zip

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

Readme.txt

Resource

win7-20230220-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

Readme.txt

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

hitomi_downloader_GUI.exe

Resource

win7-20230220-en

spyware stealer upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral6

Sample

hitomi_downloader_GUI.exe

Resource

win10v2004-20230220-en

spyware stealer upx

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  hitomi_downloader_GUI.zip
- Size
  
  81.0MB
- MD5
  
  b716d665101f4887d1604a6e1ce4bf8f
- SHA1
  
  c1a30f87e4c7f4fca5e7748fbfc382f772655a36
- SHA256
  
  bd58c5f6860ae1a627337bc3cbc20707e7e935013a5bc8946d7a7dd1f5100671
- SHA512
  
  6ef2661d5251eb4c38a766e9acb139f6564fa4057e1feb93b9fc697c26d8b0b6152af706c5069288b1227c930224d132ffd1f1db7e915907d534d6ee3365ef53
- SSDEEP
  
  1572864:vkVyeZIZdbw3eNo+1StioVcK7ofk24ScvKhjYV5ci44H2PVgGLGeWqPBMY:vkTIZdbwO187VSnhjwVWPVhCqJMY
Score

1^/10
behavioral1 behavioral2
- Target
  
  Readme.txt
- Size
  
  122KB
- MD5
  
  7d4947a8733e62cbf8bbe7a9851419a7
- SHA1
  
  cf28a006b544389bceb826e455d829393362850d
- SHA256
  
  4582fb413ac97e6b5def7e2e5829ab8da75922c7e336a3525b2fb4d0d063a38e
- SHA512
  
  652f3796c1bb7846035d319c815fb7746dfeb1c5ff2aa131227bd90266d9501d09a52d4d0c4b8e68b00b97a580b09193d0a503ab328b86f522a561c49b4aaa43
- SSDEEP
  
  1536:qOawcjvu/Jn4WJQyTVSEAqWFKHtuSob7n7K/xHr/tRw2YsuWaNQW:0w4TISXk9Y7WaCW
Score

1^/10
behavioral3 behavioral4
- Target
  
  hitomi_downloader_GUI.exe
- Size
  
  81.2MB
- MD5
  
  b5c7075fd15316300e60ae78eb18cddd
- SHA1
  
  ba89ef99288f0753fa27483c592b585f3f2d99f6
- SHA256
  
  0cd3546b2666c1c8dc2c41bb1b781396aaa169f2951d08369c61265b44a7c6dd
- SHA512
  
  09331f2d4af6d710ff478bf6ab5812dab9d5f9ac55838012c63a5ef537699f845b06a25fe5cf886edd8ce6039059de952b6395ab795b249022877407ba009924
- SSDEEP
  
  1572864:EA3LC/0DLw3I3gpewP87w8P46jg3KsUwGVUrj6r5eSKCvGHLKW3cek4hv:EAO0DLw3IwHSjvwbrj6DOHLjm4N
Score

7^/10

spyware stealer upx
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5 behavioral6

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

spywarestealerupx

behavioral6

spywarestealerupx

© 2018-2025

Terms | Privacy