1ddb3a19547881614e3f832f2ba23f2d8f0b18277105322734660cd41bbaa3bd | Triage

Resubmissions

19-03-2024 20:27

240319-y8vwmsfd7z 7

19-03-2024 20:23

240319-y6lj7afc9w 7

19-03-2024 20:16

240319-y2lpdsed73 7

Sharing

General

Target

TTD_TRADE_SCAM_CLIENT.exe
Size

20.7MB
Sample

240319-y6lj7afc9w
MD5

b6709ef840959186d7c0e02fe4c5f51e
SHA1

568466b9759939e6c7a4e9cea1309061a1dfd876
SHA256

1ddb3a19547881614e3f832f2ba23f2d8f0b18277105322734660cd41bbaa3bd
SHA512

f9656d61da31cfd0deb7663074354d103cbd1bb0a48aca7bb06a99f30eb9b3c0b18b60c9e1c9c2b0cf5ff73aea0b447fda38aa4c910f9685c2d0a4951f07bb91
SSDEEP

393216:r7DnaUQts2Y2py7ADfDrlpfaMPgFRtaHW8p2m204ezGK0diyRi:v2UQts2Y2CAbPHf9PgF4W8p2mWpAy

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  TTD_TRADE_SCAM_CLIENT.exe
- Size
  
  20.7MB
- MD5
  
  b6709ef840959186d7c0e02fe4c5f51e
- SHA1
  
  568466b9759939e6c7a4e9cea1309061a1dfd876
- SHA256
  
  1ddb3a19547881614e3f832f2ba23f2d8f0b18277105322734660cd41bbaa3bd
- SHA512
  
  f9656d61da31cfd0deb7663074354d103cbd1bb0a48aca7bb06a99f30eb9b3c0b18b60c9e1c9c2b0cf5ff73aea0b447fda38aa4c910f9685c2d0a4951f07bb91
- SSDEEP
  
  393216:r7DnaUQts2Y2py7ADfDrlpfaMPgFRtaHW8p2m204ezGK0diyRi:v2UQts2Y2CAbPHf9PgF4W8p2mWpAy
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1
- Target
  
  CockiLoggerNEW.pyc
- Size
  
  10KB
- MD5
  
  6b47edbefd6c9c6c68420acaed36b20f
- SHA1
  
  675f8bc0302a4030d0d475f106a4343aedfc7251
- SHA256
  
  7e1fde40831c2604ed95158d2e3bad7efab63816190bade9d06b22b307047ea2
- SHA512
  
  35254fefa768366b48f3b3579686701e7fdc15508e9e8fc196f65d75bcc76477d270b4b8ef5753e47b37c5d8826ef5d8d838424d282aab2a66ef0fd24c7234b6
- SSDEEP
  
  192:KYzQ2Ucq5cNTme0KBjo5OX4CzzA1V0CmGA9FbJut3nyrdyXT:KkBUcqqNT7Bc5o4CzzA1eXU4i
Score

3^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2