ea55994cfa8fc12d9c160129bfdef3fdebc15ba606824b696d137507c7f6e8a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8eeac34877ff16ad074a4d590f867c6b
Size

6.6MB
Sample

240204-mhnh4ahdgj
MD5

8eeac34877ff16ad074a4d590f867c6b
SHA1

38fee8d9cd328ba2824dfeddc26cf235dafdca7a
SHA256

ea55994cfa8fc12d9c160129bfdef3fdebc15ba606824b696d137507c7f6e8a4
SHA512

c19f54db3fcd94c5a4c007bec3c85803d9b91876de72f4d8b622cbbf948e4b336b4d7bce8f9a1f8e7f30e59c9079254ec23a87e31af9acfbd2e84f8293a76832
SSDEEP

196608:cEPmCsXDjDyf6L2WliXYrHW1L+xFKvG+C/v5:tPmCEDVL2ciIrHWRUK++a

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  8eeac34877ff16ad074a4d590f867c6b
- Size
  
  6.6MB
- MD5
  
  8eeac34877ff16ad074a4d590f867c6b
- SHA1
  
  38fee8d9cd328ba2824dfeddc26cf235dafdca7a
- SHA256
  
  ea55994cfa8fc12d9c160129bfdef3fdebc15ba606824b696d137507c7f6e8a4
- SHA512
  
  c19f54db3fcd94c5a4c007bec3c85803d9b91876de72f4d8b622cbbf948e4b336b4d7bce8f9a1f8e7f30e59c9079254ec23a87e31af9acfbd2e84f8293a76832
- SSDEEP
  
  196608:cEPmCsXDjDyf6L2WliXYrHW1L+xFKvG+C/v5:tPmCEDVL2ciIrHWRUK++a
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2