c3bea77935fa1563dd6b3879e53736cf5a840550cd61a6b3c46c7bd6992fa191 | Triage

Sharing

General

Target

tong.exe
Size

16.5MB
Sample

230610-mv59nseh24
MD5

0338c8ca499fa6d5f9fd5b60e706f2fc
SHA1

4af3b4c922675a4e34a0d73916a0d1a8ef8f7a1e
SHA256

c3bea77935fa1563dd6b3879e53736cf5a840550cd61a6b3c46c7bd6992fa191
SHA512

932e622a83d10fff3cd0c09bcca40224cd3fe236b2787a3d15a4cc01e8cf3201ff9d478df360a6dbaffa60f656ebfceca8c021564bc846260ef064023d960224
SSDEEP

393216:vu7L/sQPdvBT1obI/hvaCncvnKhs4Gpa66g77ZSqJIAky/Nij:vCL0QPJx1h/hiCn1hs4JDg77ZS4iyA

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  tong.exe
- Size
  
  16.5MB
- MD5
  
  0338c8ca499fa6d5f9fd5b60e706f2fc
- SHA1
  
  4af3b4c922675a4e34a0d73916a0d1a8ef8f7a1e
- SHA256
  
  c3bea77935fa1563dd6b3879e53736cf5a840550cd61a6b3c46c7bd6992fa191
- SHA512
  
  932e622a83d10fff3cd0c09bcca40224cd3fe236b2787a3d15a4cc01e8cf3201ff9d478df360a6dbaffa60f656ebfceca8c021564bc846260ef064023d960224
- SSDEEP
  
  393216:vu7L/sQPdvBT1obI/hvaCncvnKhs4Gpa66g77ZSqJIAky/Nij:vCL0QPJx1h/hiCn1hs4JDg77ZS4iyA
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2