telegram | 4e0e9d2d6101cb27fc1f17a2bba9bbf545f2bb25d8e7d8438662989a62ffbc19 | Triage

Resubmissions

24-04-2024 16:57

240424-vgczzade55 10

24-04-2024 16:53

240424-vdz1bsde25 10

Sharing

General

Target

AccountChanger.exe
Size

17.7MB
Sample

240424-vgczzade55
MD5

874d9918ac068743ff1d236347ffa120
SHA1

589821e6b92f03e1954ba9d13654e246627ebd73
SHA256

4e0e9d2d6101cb27fc1f17a2bba9bbf545f2bb25d8e7d8438662989a62ffbc19
SHA512

c225f3ba2d6bcd5454568c2e87f25651ec49bde8fa1b1952057795dbe4de7cce7a957f945b8b6e4c97af24ee4e8bdc9d60e10843428c97327f21222dc002a778
SSDEEP

393216:marszf490oxv89aq+ZkFMq3+d9ux01vUIT3J0bAW84vvNiyuW:marszfm0ohFCrOd9uo0kW84vv7uW

Score

10^/10

telegram pyinstaller rat spyware stealer telegram

Malware Config

Targets

- Target
  
  AccountChanger.exe
- Size
  
  17.7MB
- MD5
  
  874d9918ac068743ff1d236347ffa120
- SHA1
  
  589821e6b92f03e1954ba9d13654e246627ebd73
- SHA256
  
  4e0e9d2d6101cb27fc1f17a2bba9bbf545f2bb25d8e7d8438662989a62ffbc19
- SHA512
  
  c225f3ba2d6bcd5454568c2e87f25651ec49bde8fa1b1952057795dbe4de7cce7a957f945b8b6e4c97af24ee4e8bdc9d60e10843428c97327f21222dc002a778
- SSDEEP
  
  393216:marszf490oxv89aq+ZkFMq3+d9ux01vUIT3J0bAW84vvNiyuW:marszfm0ohFCrOd9uo0kW84vv7uW
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

pyinstallertelegramrattelegram

behavioral1

behavioral2