97d836be8b8e3eb990de62b75ba449640afd91bf496e1069855e70269476e732 | Triage

Sharing

General

Target

winordie.exe
Size

6.7MB
Sample

230610-18btwagf8t
MD5

a4d6b4d11be6f4ad439d0f9fa5ffe88a
SHA1

289460837c67dc59579fe47308dccad1db976cd6
SHA256

97d836be8b8e3eb990de62b75ba449640afd91bf496e1069855e70269476e732
SHA512

780573c9dda72221e91d478fec5f5707fc93e438137376bfa67b90f860f680ad92ea48b2e37a8b8af6481b8523355f066691e13a0fb6dff62544e65fe781859e
SSDEEP

196608:7FY0JDfyGZ21X5Sp6GemDMPwuWJYPnkR:pY0JDfD0pfaMPWT

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  winordie.exe
- Size
  
  6.7MB
- MD5
  
  a4d6b4d11be6f4ad439d0f9fa5ffe88a
- SHA1
  
  289460837c67dc59579fe47308dccad1db976cd6
- SHA256
  
  97d836be8b8e3eb990de62b75ba449640afd91bf496e1069855e70269476e732
- SHA512
  
  780573c9dda72221e91d478fec5f5707fc93e438137376bfa67b90f860f680ad92ea48b2e37a8b8af6481b8523355f066691e13a0fb6dff62544e65fe781859e
- SSDEEP
  
  196608:7FY0JDfyGZ21X5Sp6GemDMPwuWJYPnkR:pY0JDfD0pfaMPWT
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2