2e0bf463cd5362ebac45d3e274f0b71e1280c2ac5af24942b15f83af0be354d2 | Triage

Sharing

General

Target

FA AntiVira Prosses Watch.exe
Size

7.2MB
Sample

240528-rfh8tagd6w
MD5

3434441121f6d1bde7b84343a2cf684a
SHA1

5c4409492313fa0fb60fb628afabca263b29d93d
SHA256

2e0bf463cd5362ebac45d3e274f0b71e1280c2ac5af24942b15f83af0be354d2
SHA512

54d3bb85e36410716fa68a7e4f89dfb1d57abbae26368726188b3205c9b1ef709e426167cf5e8a02e5a58ecb5adf1ebe2a2ebeb51197084b97c14d041b30c1c6
SSDEEP

196608:ksLZWA1HeT39IigheE9TFa0Z8DOjCdylNownzbQWa0ngx:v1+TtIibY9Z8D8CclyUnwigx

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  FA AntiVira Prosses Watch.exe
- Size
  
  7.2MB
- MD5
  
  3434441121f6d1bde7b84343a2cf684a
- SHA1
  
  5c4409492313fa0fb60fb628afabca263b29d93d
- SHA256
  
  2e0bf463cd5362ebac45d3e274f0b71e1280c2ac5af24942b15f83af0be354d2
- SHA512
  
  54d3bb85e36410716fa68a7e4f89dfb1d57abbae26368726188b3205c9b1ef709e426167cf5e8a02e5a58ecb5adf1ebe2a2ebeb51197084b97c14d041b30c1c6
- SSDEEP
  
  196608:ksLZWA1HeT39IigheE9TFa0Z8DOjCdylNownzbQWa0ngx:v1+TtIibY9Z8D8CclyUnwigx
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1