38f33888bd7312f11be6871eaa598cf935e42ff52149ba38670aa4926fa215ac | Triage

Resubmissions

11/06/2023, 08:11

230611-j3fr7shd7t 7

11/06/2023, 08:07

230611-jz6t8ahd6z 7

Sharing

General

Target

pincracker.exe
Size

9.4MB
Sample

230611-j3fr7shd7t
MD5

9d596a6741a945c4ab7ed54d687c4183
SHA1

7c1d8e5e754465f54fc37fdf0ab5786e36ec6feb
SHA256

38f33888bd7312f11be6871eaa598cf935e42ff52149ba38670aa4926fa215ac
SHA512

4fae9bd6c08afe7a66a613560c270a571d9a313f6a6623718ccc154c3da3b11d8209dc606b3e45a6591aecd792f9a55b81cee25e27a8c5889414f60ac9cb1a5a
SSDEEP

196608:20mY3pvuuDfyGR21X5Sp6GemDMPwWRA+xW0Z8UYPGAfhzX:4Y3pJDfDspfaMPlRb8UEt

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  pincracker.exe
- Size
  
  9.4MB
- MD5
  
  9d596a6741a945c4ab7ed54d687c4183
- SHA1
  
  7c1d8e5e754465f54fc37fdf0ab5786e36ec6feb
- SHA256
  
  38f33888bd7312f11be6871eaa598cf935e42ff52149ba38670aa4926fa215ac
- SHA512
  
  4fae9bd6c08afe7a66a613560c270a571d9a313f6a6623718ccc154c3da3b11d8209dc606b3e45a6591aecd792f9a55b81cee25e27a8c5889414f60ac9cb1a5a
- SSDEEP
  
  196608:20mY3pvuuDfyGR21X5Sp6GemDMPwWRA+xW0Z8UYPGAfhzX:4Y3pJDfDspfaMPlRb8UEt
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1