c5b13fb85702c46b832780bf23b3f401d7974decac9e4393bde95c6d3b1a9d37 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

gui.rar
Size

16.5MB
Sample

240430-matp5shg35
MD5

ed908539e12658cd86ebb13139973e68
SHA1

40b9abaeebc5779e718065a68643262d29fc5158
SHA256

c5b13fb85702c46b832780bf23b3f401d7974decac9e4393bde95c6d3b1a9d37
SHA512

59bf74c576b0a76a02d63e50ef1cce5155388c2f4dc51f1c4c35ce6beb0492b99247d2f316532c6d7c66535b523c1330877f6ad9a16c0dad3967580cb61fda7d
SSDEEP

393216:bHXpkI2/cmGve2Xn3s0rSDi+MrNtNRtLCXJPQnhe2m2:b53HxRHseSYHNR1e4he2m2

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  gui.rar
- Size
  
  16.5MB
- MD5
  
  ed908539e12658cd86ebb13139973e68
- SHA1
  
  40b9abaeebc5779e718065a68643262d29fc5158
- SHA256
  
  c5b13fb85702c46b832780bf23b3f401d7974decac9e4393bde95c6d3b1a9d37
- SHA512
  
  59bf74c576b0a76a02d63e50ef1cce5155388c2f4dc51f1c4c35ce6beb0492b99247d2f316532c6d7c66535b523c1330877f6ad9a16c0dad3967580cb61fda7d
- SSDEEP
  
  393216:bHXpkI2/cmGve2Xn3s0rSDi+MrNtNRtLCXJPQnhe2m2:b53HxRHseSYHNR1e4he2m2
Score

3^/10
behavioral1
- Target
  
  pnf5avSVzG.exe
- Size
  
  16.7MB
- MD5
  
  6a5f96ede04ff0a9a2921417e1e9d69e
- SHA1
  
  f0dcf69a3dd4b20eb4ebdae98931213b186f0973
- SHA256
  
  1adb39c38c56975104123db936a7ce5fa1e8da54b6ddc319d4bbfc67d870576d
- SHA512
  
  626e23add873f4f2a87a4cd9e89e4f17137e4065dbf4c02bece87d2ac120cdddeccbbd9031488d736480e75f8c1c88ab181519983d5ef579846c3e713cd258a0
- SSDEEP
  
  393216:ULQ8s4u1wW+eGQR79johBGcP6USpfOY5:MQ3R1wW+e5R79ME5OY5
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral2
- Target
  
  pnf5avSVzG.pyc
- Size
  
  57KB
- MD5
  
  ab7e397193663911a2d5ab942f572c36
- SHA1
  
  ef0da6c12a1a548d6dd9ac4bd933f01e0d4ddd24
- SHA256
  
  e66045cfd60a2d41d6440b4b888df0dfcc28520085fdfcae536aae8867b2139f
- SHA512
  
  c8090073ba1cc9d8f4da0f2a5489e70d7670e5f78e93851435fe2a41e042ee291d311a2554999bd9abf168cb6591da3fda6647b66bab617f4690e67bbfde70e5
- SSDEEP
  
  768:CCy2qks1l/mja1fgFK2K+La+2LcGVdPNQ1tFA0JK5ECHs:flqks1l/ma1f8K2K+La+218nCHs
Score

3^/10
behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3