190f7ea6aad7e143caea877ecae93bb442a2bf47efc12d8666d048f472f1edab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

pennys-big-breakaway.exe
Size

62.6MB
Sample

240110-pzv1lsfehj
MD5

4dbd4d5dadecaa09724959a9e623b0d5
SHA1

1af57d4fd0754eac1cc8e0ee55a09fc6b7a8d5ae
SHA256

190f7ea6aad7e143caea877ecae93bb442a2bf47efc12d8666d048f472f1edab
SHA512

2417d468441f70062402ef10a640b17c6f4b0e0572c7984dcedd42e00aad0f3e0ed321ddc12c305f025b91c626a310593a9f70890edc79b2634517c1b5b13b81
SSDEEP

1572864:Cm6a/D8M8YJHGVcKw+V9kulozpfHatc6FHQQW+p/rz:h6a/D8wJHXKw+UuOVStc4QQWArz

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  pennys-big-breakaway.exe
- Size
  
  62.6MB
- MD5
  
  4dbd4d5dadecaa09724959a9e623b0d5
- SHA1
  
  1af57d4fd0754eac1cc8e0ee55a09fc6b7a8d5ae
- SHA256
  
  190f7ea6aad7e143caea877ecae93bb442a2bf47efc12d8666d048f472f1edab
- SHA512
  
  2417d468441f70062402ef10a640b17c6f4b0e0572c7984dcedd42e00aad0f3e0ed321ddc12c305f025b91c626a310593a9f70890edc79b2634517c1b5b13b81
- SSDEEP
  
  1572864:Cm6a/D8M8YJHGVcKw+V9kulozpfHatc6FHQQW+p/rz:h6a/D8wJHXKw+UuOVStc4QQWArz
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4