5b4e3c99b1366492acdcac0ab08721125a1f29e60d654d7d26904fad6a28616f | Triage

Resubmissions

23-07-2023 15:02

230723-settlaed65 7

23-07-2023 14:39

230723-r1ar6sed22 7

Sharing

General

Target

Free Woofer BloX.exe
Size

39.2MB
Sample

230723-settlaed65
MD5

793c4da2d66ae4a3175432265b716f3b
SHA1

87f69e5d036ec2d1dca2c7348b5d336d38b17d84
SHA256

5b4e3c99b1366492acdcac0ab08721125a1f29e60d654d7d26904fad6a28616f
SHA512

34702eaaf3530fcc065b5d3809cc7beb6c09c30abc248abc08c29247507dbec2fb47698d6a1d10045c2240eb7c6574ef3ae7acaba5224618873067681026765c
SSDEEP

393216:f1Du8BtuBw2FEL3Z3aLUoQvo6LP/SgbSpYvKEh1EdKwlGQKPJuGsiTfREsrgCYfP:fMguj8Q4VfvUqFTrYPV

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  Free Woofer BloX.exe
- Size
  
  39.2MB
- MD5
  
  793c4da2d66ae4a3175432265b716f3b
- SHA1
  
  87f69e5d036ec2d1dca2c7348b5d336d38b17d84
- SHA256
  
  5b4e3c99b1366492acdcac0ab08721125a1f29e60d654d7d26904fad6a28616f
- SHA512
  
  34702eaaf3530fcc065b5d3809cc7beb6c09c30abc248abc08c29247507dbec2fb47698d6a1d10045c2240eb7c6574ef3ae7acaba5224618873067681026765c
- SSDEEP
  
  393216:f1Du8BtuBw2FEL3Z3aLUoQvo6LP/SgbSpYvKEh1EdKwlGQKPJuGsiTfREsrgCYfP:fMguj8Q4VfvUqFTrYPV
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3