d7bc3c559f864073807734d042eb5d522dc424026bfe2772380e2317dd22b7d3 | Triage

Sharing

General

Target

v.exe
Size

21.2MB
Sample

230824-mle15abh36
MD5

e9f7458b57acc01d8f6341c08f7bf3cb
SHA1

051983ffe44b4d9c10b96540669a1cbd90beddf5
SHA256

d7bc3c559f864073807734d042eb5d522dc424026bfe2772380e2317dd22b7d3
SHA512

11770597852545ae80cb8bc1614a8aec96564f8bcec09fabb54a5bfadafd4372f641e4651d995542b466558a79ec0d173ec9a3fef0e7ed79f5fdddf2529a3e4d
SSDEEP

393216:NDna3FQtsf6r7M5livQETSWvJQn9OqI26YlgzdCyddk:N21Qtsf87M5lmQEWWhQoWOr

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  v.exe
- Size
  
  21.2MB
- MD5
  
  e9f7458b57acc01d8f6341c08f7bf3cb
- SHA1
  
  051983ffe44b4d9c10b96540669a1cbd90beddf5
- SHA256
  
  d7bc3c559f864073807734d042eb5d522dc424026bfe2772380e2317dd22b7d3
- SHA512
  
  11770597852545ae80cb8bc1614a8aec96564f8bcec09fabb54a5bfadafd4372f641e4651d995542b466558a79ec0d173ec9a3fef0e7ed79f5fdddf2529a3e4d
- SSDEEP
  
  393216:NDna3FQtsf6r7M5livQETSWvJQn9OqI26YlgzdCyddk:N21Qtsf87M5lmQEWWhQoWOr
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2
- Target
  
  VAC-BYPASS.pyc
- Size
  
  49KB
- MD5
  
  25dc5a591c5b120ac755f13295c04fdf
- SHA1
  
  9ba08ff5b9c8b255260d5508499837402fe6edd8
- SHA256
  
  44f2f2a3bc2e21c5c5b0ab16cc014a37faf71d9fc1ed3526f2f1d719f3a254bb
- SHA512
  
  e94cf6ef42adb3d156df5f816ac814116b852d2748fca6a3946cf480dfd14ad218098271c1b85dbac2914f4e2bcfc077325fe748c094cffe606aa2bdc0f1689b
- SSDEEP
  
  1536:t9MWn/28/r+5vipuMqK8GRY4GKT10+SffloRvJPODlhLxmUSgeC:pHiUpu7K8iY4GKT1sloRvJP5UaC
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4