a9921761d913ca2863624ad70e59613ae989691aa88c9c429fbe8c4db977f143 | Triage

Sharing

General

Target

25790d9ab277081e27bebf6ec09187f8
Size

7.7MB
Sample

231231-dgt5tacger
MD5

25790d9ab277081e27bebf6ec09187f8
SHA1

7c2c0dec10554420ed77fbd4a443e3db094834c9
SHA256

a9921761d913ca2863624ad70e59613ae989691aa88c9c429fbe8c4db977f143
SHA512

d55ceedbf91893d08cea2a3fcb2bb0d694e7dcba5e950f97b715776d889b195173294f7b91bf0bc90be51e4d6e39cd26f08a9b4fa318f307851902e13b3467f9
SSDEEP

196608:8U+0yPuWCsXDjDyf6L2WliXYrHW1Da8EDulGVhV:EPuWCEDVL2ciIrHWHEDig

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  25790d9ab277081e27bebf6ec09187f8
- Size
  
  7.7MB
- MD5
  
  25790d9ab277081e27bebf6ec09187f8
- SHA1
  
  7c2c0dec10554420ed77fbd4a443e3db094834c9
- SHA256
  
  a9921761d913ca2863624ad70e59613ae989691aa88c9c429fbe8c4db977f143
- SHA512
  
  d55ceedbf91893d08cea2a3fcb2bb0d694e7dcba5e950f97b715776d889b195173294f7b91bf0bc90be51e4d6e39cd26f08a9b4fa318f307851902e13b3467f9
- SSDEEP
  
  196608:8U+0yPuWCsXDjDyf6L2WliXYrHW1Da8EDulGVhV:EPuWCEDVL2ciIrHWHEDig
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2