General

  • Target

    pymain.exe

  • Size

    9.5MB

  • Sample

    230606-gzslgscg61

  • MD5

    8ceae9ede4b58c54d30e2119999fd89e

  • SHA1

    346e0bc3573f1fbf8a3ac9dcf27232c16167ab47

  • SHA256

    f0c974e282a6850a755999cd13ccef98d15a7ed093df19ba47b43d22cac70c1b

  • SHA512

    f4eb78879093cd1ca03325c11ead7bc28426fbe35730f53e7c8055bf45a6c5bc72e7f7c37ae36385aad260b433e7e27148003af57d7a6ee9e28cfcce5016bc18

  • SSDEEP

    196608:tnzDnaRY3pvuuDfyGj21X5Sp6GemDMPwQRA+xW23V2W7U6YPFqhSIk:5DnaRY3pJDfDqpfaMPFR52QU6g

Malware Config

Targets

    • Score

      7/10

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6
