epsilon | c35d052840a11e04e79b507fbc5c6e086bc9101ab602ac745d9ed343f2cee488 | Triage

Resubmissions

02-06-2024 02:06

240602-cjl2jsfb91 10

02-06-2024 01:34

240602-bzlv2sfa36 10

Sharing

General

Target

UnityLibManager.exe
Size

90.8MB
Sample

240602-cjl2jsfb91
MD5

114fd33387b4888d2d62690655cd6dae
SHA1

c9cd2231dd18d0bed606eff81c1c20ff3bdd8bff
SHA256

c35d052840a11e04e79b507fbc5c6e086bc9101ab602ac745d9ed343f2cee488
SHA512

837aaeac5d3fbdf382c8dd5433c8035685a0f1dae1dc88e09e960b933ead20c9cbe6815bd9ae7542d4143242c49fffd10c0423a1090e1fb7a6c9d3985f90d789
SSDEEP

1572864:IUmwDpaW0RuEy0dEkqkktU063DpeyJ7UiGGYYWKq//TjlTkRBoly:FdD6c3pkktk3Dw07Ui59WKY/FTkQly

Score

10^/10

epsilon spyware stealer

Malware Config

Targets

- Target
  
  UnityLibManager.exe
- Size
  
  90.8MB
- MD5
  
  114fd33387b4888d2d62690655cd6dae
- SHA1
  
  c9cd2231dd18d0bed606eff81c1c20ff3bdd8bff
- SHA256
  
  c35d052840a11e04e79b507fbc5c6e086bc9101ab602ac745d9ed343f2cee488
- SHA512
  
  837aaeac5d3fbdf382c8dd5433c8035685a0f1dae1dc88e09e960b933ead20c9cbe6815bd9ae7542d4143242c49fffd10c0423a1090e1fb7a6c9d3985f90d789
- SSDEEP
  
  1572864:IUmwDpaW0RuEy0dEkqkktU063DpeyJ7UiGGYYWKq//TjlTkRBoly:FdD6c3pkktk3Dw07Ui59WKY/FTkQly
Score

10^/10

epsilon spyware stealer
- Epsilon Stealer
  Information stealer.
  stealer epsilon
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1
- Target
  
  my-app-1.0.0.exe
- Size
  
  169.1MB
- MD5
  
  b43efe56dd3c84590056c8c87ad3e6f4
- SHA1
  
  9e490bbec3f132b7eb8ac39dd4d001da8b275b58
- SHA256
  
  d851af974512dc132e8931f8a5d9f443af614e7eb45c140fc8c8971dbb960d78
- SHA512
  
  0800a75016ba6b81de945aed51cac599b21fc24fd416ed360599f585d95a20781b7fa11cd9d7225a30b544ae768f0a38da1f427a42d406e21024b1a742fcaf74
- SSDEEP
  
  1572864:kKrstWwz6PqazPK3qyBcr35JBNLDD/FaCA7pmLMzCOtoAJnn/N0wIbyraIjR:8W0qr26byra
Score

10^/10

epsilon spyware stealer
- Epsilon Stealer
  Information stealer.
  stealer epsilon
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

epsilonspywarestealer

behavioral2

epsilonspywarestealer