c34cf3baad24777ecfcdf229cf1a375215eb46ce84cf3bc64a35509f077be43d | Triage

Sharing

General

Target

bc506cf6d29c348a922143ae80d78e61
Size

6.6MB
Sample

240309-vcp4qsdc3v
MD5

bc506cf6d29c348a922143ae80d78e61
SHA1

30510a3e423e60f580cec38e9f931edd45df39b1
SHA256

c34cf3baad24777ecfcdf229cf1a375215eb46ce84cf3bc64a35509f077be43d
SHA512

7092eeec0f05b07c1626ce04ad9acce62ff0c5cf28fe2ea3b3b3a52937bac99c52191503546562d8559283f3b3ce49dc40c1823f0f62515f64883bb15fc5c8ef
SSDEEP

196608:JOhPmCsXDjDyf6L2WliXYrHW1Lo+k+KsR67:KPmCEDVL2ciIrHWRo+f9c

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  bc506cf6d29c348a922143ae80d78e61
- Size
  
  6.6MB
- MD5
  
  bc506cf6d29c348a922143ae80d78e61
- SHA1
  
  30510a3e423e60f580cec38e9f931edd45df39b1
- SHA256
  
  c34cf3baad24777ecfcdf229cf1a375215eb46ce84cf3bc64a35509f077be43d
- SHA512
  
  7092eeec0f05b07c1626ce04ad9acce62ff0c5cf28fe2ea3b3b3a52937bac99c52191503546562d8559283f3b3ce49dc40c1823f0f62515f64883bb15fc5c8ef
- SSDEEP
  
  196608:JOhPmCsXDjDyf6L2WliXYrHW1Lo+k+KsR67:KPmCEDVL2ciIrHWRo+f9c
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2