Overview

overview

10

Static

static

3

Sprydite S...up.exe

windows7-x64

7

Sprydite S...up.exe

windows10-2004-x64

10

SpryditeSetup.exe

windows7-x64

1

SpryditeSetup.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Sprydite_Setup.zip

  • Size

    73.6MB

  • Sample

    240224-twftqshc2s

  • MD5

    7055556396d97e5ad2a76a138e362008

  • SHA1

    33824a4b827ee53675908c6c8f618fb4e19c2809

  • SHA256

    4113ee678970bd438e135454ca93f5004b531ebeae76d29b49eb5c32620f5e29

  • SHA512

    96423a698ef0db4955099b3b02a1f506bcce62f84cdb5bea5209bd08f99ef82444f1c7fd3f60ff769aeb80767e0cfb87e4a999f0423a9c726f0f1c801487f89f

  • SSDEEP

    1572864:jeJaQBmO1CxAINmJYMdQNTwBQHIhn+6VdqXHsjzje8wmIwX7FFMW5ph:jdO16AI8YAKsn+qdFbRFj5Xh

Score
10/10
epsilonspywarestealer

Malware Config

Targets

    • Target

      Sprydite Setup/SpryditeSetup.exe

    • Size

      73.6MB

    • MD5

      4f9d010102270929a7f6d83a19a08310

    • SHA1

      443a42ca27309804aa2f5e1ae3f311f8ea40040b

    • SHA256

      feec17a9928ac667b7476b75b0742fa1dcd543a66f6c3f8402f53f2df3d5f395

    • SHA512

      3097224c1e489bca7d5b504f8f7c3840c8383d825ccd4c63b5b6ebe71eb0ad0e8be9d678a9edd9fdabc9360ad1825fc06dbcdc7e0edb800d9a2d7de03767137f

    • SSDEEP

      1572864:VejOS3YTcZCc6I8dxEUH61d4rAHmpHWqtnoPR093VKMgEKC5rVzCWVfck:VxTcZr6IWEckYHWknXHd/tX9ck

    Score
    10/10
    epsilonspywarestealer

    • Epsilon Stealer

      Information stealer.

      stealerepsilon

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory

    behavioral1behavioral2

    • Target

      SpryditeSetup.exe

    • Size

      168.6MB

    • MD5

      6627212274226bd615fbeb129fb0928e

    • SHA1

      fbdf80b1efd45e0029a56146e7ef5a7e9f63164d

    • SHA256

      3a2bced7e4cbd8e8b4c88c63ea034e15daac3da55bde85c5e7a6dafda1eaa01c

    • SHA512

      5b27af335bf5c3cb4e32520d253c82a37e81f3f48dee7667a959e149a07068904ffc402835d249128c4f5adb3c44adf84d0b550ca3560d8a4a0cf29e2a8e218a

    • SSDEEP

      1572864:KXic4qb6IXgDaJfpEQHgelkLK4z34xGWw0TwW1T/qWhehZvmCtS3JPfyzG49FndX:UVKvWZ8tyx4u

    Score
    10/10
    epsilonspywarestealer

    • Epsilon Stealer

      Information stealer.

      stealerepsilon

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory

    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks