680eab20833bfa30f9c6cd5cef5afbefba9ccd497cdadef84e45478857765632 | Triage

Sharing

General

Target

python.exe
Size

14.2MB
Sample

231229-2m3k5sbad9
MD5

0f3d72bdcf26ecd79cec953c5bb96942
SHA1

a8c6f93dc207ca067d8261a0451d82d22af0bf62
SHA256

680eab20833bfa30f9c6cd5cef5afbefba9ccd497cdadef84e45478857765632
SHA512

2149b2ca73345d1e3a52baf0dd4c65c004247b55fac4d9cc6236344500f1d560cc4e7131bd155bf1eee06f16e235a0c07d111b3fb66ed8c8b2475d5129e0acc5
SSDEEP

196608:CaDnaONJm3Aq7cXXEG0MhCiBTX1QFhjwt25HnujfpPQSExfRc7GQSevXATb+AFAE:VDnaO/m3pWTlAqOHuRx8q7WUAOs

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  python.exe
- Size
  
  14.2MB
- MD5
  
  0f3d72bdcf26ecd79cec953c5bb96942
- SHA1
  
  a8c6f93dc207ca067d8261a0451d82d22af0bf62
- SHA256
  
  680eab20833bfa30f9c6cd5cef5afbefba9ccd497cdadef84e45478857765632
- SHA512
  
  2149b2ca73345d1e3a52baf0dd4c65c004247b55fac4d9cc6236344500f1d560cc4e7131bd155bf1eee06f16e235a0c07d111b3fb66ed8c8b2475d5129e0acc5
- SSDEEP
  
  196608:CaDnaONJm3Aq7cXXEG0MhCiBTX1QFhjwt25HnujfpPQSExfRc7GQSevXATb+AFAE:VDnaO/m3pWTlAqOHuRx8q7WUAOs
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2