abac96f7f404d50d76d0f3bc501a5b60b3026dc63c713d40e4ff18eca6736488 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

208667472049a045cb965920b62b81fd
Size

6.6MB
Sample

231230-3st2mafhbr
MD5

208667472049a045cb965920b62b81fd
SHA1

a114f1892bbceb4ac96f89c3274c34babae336c2
SHA256

abac96f7f404d50d76d0f3bc501a5b60b3026dc63c713d40e4ff18eca6736488
SHA512

aec49b09e4306c822462dc8cd6a811eaea19a5d05cbd141a06003bee675087438b417b5d2f4b7b87123c446d00af707f9ab175a11b0152f981c6de90fd3562a5
SSDEEP

196608:FIAPmCsXDjDyf6L2WliXYrHW1ZIXS8kE:tPmCEDVL2ciIrHWbIXt

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  208667472049a045cb965920b62b81fd
- Size
  
  6.6MB
- MD5
  
  208667472049a045cb965920b62b81fd
- SHA1
  
  a114f1892bbceb4ac96f89c3274c34babae336c2
- SHA256
  
  abac96f7f404d50d76d0f3bc501a5b60b3026dc63c713d40e4ff18eca6736488
- SHA512
  
  aec49b09e4306c822462dc8cd6a811eaea19a5d05cbd141a06003bee675087438b417b5d2f4b7b87123c446d00af707f9ab175a11b0152f981c6de90fd3562a5
- SSDEEP
  
  196608:FIAPmCsXDjDyf6L2WliXYrHW1ZIXS8kE:tPmCEDVL2ciIrHWbIXt
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2