15eaeb0e0a59752a04c5327b05df4900c4410be685708f3eb8bdc09894506424 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

main.exe

windows10-2004-x64

7

Sharing

General

Target

main.exe
Size

20.3MB
Sample

240315-y6jqlaae5w
MD5

12205ecb734d315861ed3fd38aad872e
SHA1

508dfeaacc6c740213762b842bc13a9b6603b977
SHA256

15eaeb0e0a59752a04c5327b05df4900c4410be685708f3eb8bdc09894506424
SHA512

daa22c5af4e44f328bfb4ad8471df5d5608b6aa0a426e5aed71d747f25fd5931a07baa9dc9a9ba5d2a32ed78b5e73a2edb78ed1f95f68d38df7a0cd6e0049594
SSDEEP

393216:/B8ZZyEQetFHdw6ZZMV65EdAWXOQo1NTd0o/w3uCx+Qbx3ULKuuerTW:/B8Z0OX2AWX5o1td0v3FBbx3U+/GT

Score

7^/10

pyinstaller spyware stealer upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

main.exe

Resource

win10v2004-20240226-en

spyware stealer upx

windows10-2004-x64

11 signatures

1800 seconds

Malware Config

Targets

- Target
  
  main.exe
- Size
  
  20.3MB
- MD5
  
  12205ecb734d315861ed3fd38aad872e
- SHA1
  
  508dfeaacc6c740213762b842bc13a9b6603b977
- SHA256
  
  15eaeb0e0a59752a04c5327b05df4900c4410be685708f3eb8bdc09894506424
- SHA512
  
  daa22c5af4e44f328bfb4ad8471df5d5608b6aa0a426e5aed71d747f25fd5931a07baa9dc9a9ba5d2a32ed78b5e73a2edb78ed1f95f68d38df7a0cd6e0049594
- SSDEEP
  
  393216:/B8ZZyEQetFHdw6ZZMV65EdAWXOQo1NTd0o/w3uCx+Qbx3ULKuuerTW:/B8Z0OX2AWX5o1td0v3FBbx3U+/GT
Score

7^/10

spyware stealer upx
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

spywarestealerupx

© 2018-2025

Terms | Privacy