bc44df57d0c237731ad110b4517351fc66fc20405adb36a20988a8e15de87407 | Triage

Sharing

General

Target

test.exe
Size

11.3MB
Sample

240203-pw5qmshch4
MD5

de093ddf09fc55f42388c675380858c7
SHA1

a6167902b450841d5b50b43e9679fb00a85afafc
SHA256

bc44df57d0c237731ad110b4517351fc66fc20405adb36a20988a8e15de87407
SHA512

5035522a9dab568c5d83542c7a73cc7923d0804bde96c3e0e0f4f04c051ae2e94b34be482f31587561c2228304d560ce1cc5206b6aa6f3aa8a4d6e9d274ebc31
SSDEEP

196608:dc6n04UnZKSbl/HFVLgAnjNMJSon6F1W903eV4QJXMToEuGxgh858F0ibfUxgABs:i4UnTBfFZNRwSo67W+eGQJXMTozGxu8F

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  test.exe
- Size
  
  11.3MB
- MD5
  
  de093ddf09fc55f42388c675380858c7
- SHA1
  
  a6167902b450841d5b50b43e9679fb00a85afafc
- SHA256
  
  bc44df57d0c237731ad110b4517351fc66fc20405adb36a20988a8e15de87407
- SHA512
  
  5035522a9dab568c5d83542c7a73cc7923d0804bde96c3e0e0f4f04c051ae2e94b34be482f31587561c2228304d560ce1cc5206b6aa6f3aa8a4d6e9d274ebc31
- SSDEEP
  
  196608:dc6n04UnZKSbl/HFVLgAnjNMJSon6F1W903eV4QJXMToEuGxgh858F0ibfUxgABs:i4UnTBfFZNRwSo67W+eGQJXMTozGxu8F
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2