observer | 6b1f5e73fbad2351b4183b20fc4626d75d475fb3c95ee538ae5507f61ac7f0c5 | Triage

Sharing

General

Target

suspect.exe
Size

1.4MB
Sample

240522-tgz9tsge85
MD5

eb9b5a9fb84c5eb9527d724cd9c14118
SHA1

d166e843d328dd358ea748c652e3e422fec001a7
SHA256

6b1f5e73fbad2351b4183b20fc4626d75d475fb3c95ee538ae5507f61ac7f0c5
SHA512

26412f140d5f619f17e705568e6b99d2c8c469b83803edd9fad2559298fb7320b9bc4d60b66a4d4880ca75b9f17fefd5a755a18d0d6dbf2d9768bcc97cec8944
SSDEEP

12288:waBBmsOOeuu8AAU5igKjyRM5LZIBFNOdYbJt1vuE:TGB8pw+e6Ioav1G

Score

10^/10

observer stealer

Malware Config

Extracted

Family

observer

C2

http://91.103.252.17:8912

Targets

- Target
  
  suspect.exe
- Size
  
  1.4MB
- MD5
  
  eb9b5a9fb84c5eb9527d724cd9c14118
- SHA1
  
  d166e843d328dd358ea748c652e3e422fec001a7
- SHA256
  
  6b1f5e73fbad2351b4183b20fc4626d75d475fb3c95ee538ae5507f61ac7f0c5
- SHA512
  
  26412f140d5f619f17e705568e6b99d2c8c469b83803edd9fad2559298fb7320b9bc4d60b66a4d4880ca75b9f17fefd5a755a18d0d6dbf2d9768bcc97cec8944
- SSDEEP
  
  12288:waBBmsOOeuu8AAU5igKjyRM5LZIBFNOdYbJt1vuE:TGB8pw+e6Ioav1G
Score

10^/10

observer stealer
- Observer
  Observer is an infostealer written in C++.
  stealer observer
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

observerstealer

behavioral2

observerstealer