phemedrone | 75ce00349f364e34ca9744edff81d8e7e4237b035a0bea0ab2cf3e5c29e55af9 | Triage

Resubmissions

12-10-2023 12:35

231012-psttzaac8x 10

04-10-2023 13:44

231004-q16n6sea48 10

Sharing

General

Target

SpotifySetup.exe
Size

2.8MB
Sample

231004-q16n6sea48
MD5

da56532db7d8cb67270fc27697bb524e
SHA1

d127c343cc8e7484997f541aeeebec8b63fa39a0
SHA256

75ce00349f364e34ca9744edff81d8e7e4237b035a0bea0ab2cf3e5c29e55af9
SHA512

6e856cb531dc6752872c7beadf0b6fa24e2457c8d9afa4d240c12b8d297eb6263b34726d8c720458e99d6958ce9917933356bd43f165c936d1304e6c1df85377
SSDEEP

49152:y2My0eKmxEyFNfjLmIUlOu7QtmZWNWwG6/MhmdWWjkCIj+yNyRS0b4t4TxCejhzq:

Score

10^/10

phemedrone stealer

Malware Config

Targets

- Target
  
  SpotifySetup.exe
- Size
  
  2.8MB
- MD5
  
  da56532db7d8cb67270fc27697bb524e
- SHA1
  
  d127c343cc8e7484997f541aeeebec8b63fa39a0
- SHA256
  
  75ce00349f364e34ca9744edff81d8e7e4237b035a0bea0ab2cf3e5c29e55af9
- SHA512
  
  6e856cb531dc6752872c7beadf0b6fa24e2457c8d9afa4d240c12b8d297eb6263b34726d8c720458e99d6958ce9917933356bd43f165c936d1304e6c1df85377
- SSDEEP
  
  49152:y2My0eKmxEyFNfjLmIUlOu7QtmZWNWwG6/MhmdWWjkCIj+yNyRS0b4t4TxCejhzq:
Score

10^/10

phemedrone stealer
- Phemedrone
  An information and wallet stealer written in C#.
  stealer phemedrone
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

phemedronestealer

behavioral2