f7764dd135c68cedae87b8ea7d214bb67b18206f6263af3abcf0eb602e8a1006 | Triage

Sharing

General

Target

Itinerary.pdf.exe
Size

14.2MB
Sample

231116-rxvm6sdg2v
MD5

51f3821fc34792d0ece5cc5e045de80f
SHA1

336056ef27ed23dab5d64971c813c5bf4cc232d6
SHA256

f7764dd135c68cedae87b8ea7d214bb67b18206f6263af3abcf0eb602e8a1006
SHA512

40c7e256845d5a09ee53f9a0266cf71637237c08a36833fbae3d3bca909754ce22201f664e9a030a2430775459647b42c2d1b83a570a1448f6924fbb5af7cc33
SSDEEP

393216:zS+h7SYHi+2ohcyLkW+eGQRz9joUau5qW80hoA/Ew/:zS+ZSYHiRyc0kW+e5Rz9Ma5qW80h

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  Itinerary.pdf.exe
- Size
  
  14.2MB
- MD5
  
  51f3821fc34792d0ece5cc5e045de80f
- SHA1
  
  336056ef27ed23dab5d64971c813c5bf4cc232d6
- SHA256
  
  f7764dd135c68cedae87b8ea7d214bb67b18206f6263af3abcf0eb602e8a1006
- SHA512
  
  40c7e256845d5a09ee53f9a0266cf71637237c08a36833fbae3d3bca909754ce22201f664e9a030a2430775459647b42c2d1b83a570a1448f6924fbb5af7cc33
- SSDEEP
  
  393216:zS+h7SYHi+2ohcyLkW+eGQRz9joUau5qW80hoA/Ew/:zS+ZSYHiRyc0kW+e5Rz9Ma5qW80h
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2