0412911cc07301111d7ad3bda23664c90060651e82c6c2f16866bd306c18ae8d | Triage

Sharing

General

Target

FA AntiVira Prosses Watch.exe
Size

10.1MB
Sample

240528-rjf8mage7s
MD5

c9fb6c695f439ceb017c59abc7c3f6ca
SHA1

ddf28147ba18cd3829e6ac1e614cafdbbb240790
SHA256

0412911cc07301111d7ad3bda23664c90060651e82c6c2f16866bd306c18ae8d
SHA512

950a7752a2ee1434ca9e22c46f8b444769b1c1d25af5512d9c16b62f4fa12bd1fe22280efe7c3c6def40e12d6e56361d6cd3619edbaefbf13396109dba4002c9
SSDEEP

196608:DsqFWA1HeT39IigheE9TFa0Z8DOjCdylhY8gh70W8/LeoCfownzbQWa0n6x:B1+TtIibY9Z8D8CclyhCW8SMUnwi6x

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  FA AntiVira Prosses Watch.exe
- Size
  
  10.1MB
- MD5
  
  c9fb6c695f439ceb017c59abc7c3f6ca
- SHA1
  
  ddf28147ba18cd3829e6ac1e614cafdbbb240790
- SHA256
  
  0412911cc07301111d7ad3bda23664c90060651e82c6c2f16866bd306c18ae8d
- SHA512
  
  950a7752a2ee1434ca9e22c46f8b444769b1c1d25af5512d9c16b62f4fa12bd1fe22280efe7c3c6def40e12d6e56361d6cd3619edbaefbf13396109dba4002c9
- SSDEEP
  
  196608:DsqFWA1HeT39IigheE9TFa0Z8DOjCdylhY8gh70W8/LeoCfownzbQWa0n6x:B1+TtIibY9Z8D8CclyhCW8SMUnwi6x
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1