3f7f2fa931e4c9fddf8bf0c4476c00e6298244dfd45ffa967ed1bbdf7aab4c67 | Triage

Sharing

General

Target

pictrexclient-main.zip
Size

27.4MB
Sample

240706-se8bzs1hrr
MD5

faac69e5abe83bbed93e00a7a45f2344
SHA1

fecd4c825bec5003c19ee8a61e92cc3d93e67778
SHA256

3f7f2fa931e4c9fddf8bf0c4476c00e6298244dfd45ffa967ed1bbdf7aab4c67
SHA512

9baba774ef2474e9b44c5e57d310e379bd00d78398e7da849bf515f998a82a2d2023f3e9d4fa9427da7d5306ef7038040f9d64a10cc0fd50dfdd2f4ccdb1adde
SSDEEP

786432:UQTVqw0OVVe8qcHfKYBaIBoJ6Ovp8l8wm7xy4:Yw0SVe8cYBaI6J6OR84

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  pictrexclient-main/downloadfromrelease.txt
- Size
  
  1B
- MD5
  
  68b329da9893e34099c7d8ad5cb9c940
- SHA1
  
  adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
- SHA256
  
  01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
- SHA512
  
  be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09
Score

1^/10
behavioral1 behavioral2
- Target
  
  pictrexclient-main/gui.dll
- Size
  
  6.9MB
- MD5
  
  a95cacbb2a6540d97b99c5df61cb5196
- SHA1
  
  3949201761754ba240d846b36474f1ca2caebb9a
- SHA256
  
  147c739bfecbe74fc1b8e30dfc68b99214160aef76e1b42a360d3a1641b81f91
- SHA512
  
  5e080f7e7ec8159471b95766433c3239b93ed7259a5ecb3bc122621c7e589a322c08be19fbbb2b16329325286348fcde67b1432e33d6e0822972ca4d88eb554d
- SSDEEP
  
  98304:YHFl2w8cuNdWqX/ItGhbIC8LKVBBRHnZs3gP8i+FbiQZfrkE2N10PHRed9jqjHRl:88cuzd4H2VBBRHsfkUfH2kIkdmt5Ti1
Score

1^/10
behavioral3 behavioral4
- Target
  
  pictrexclient-main/inject.dll
- Size
  
  13.4MB
- MD5
  
  7982ce756c6e8c8f6bab62eb1902b714
- SHA1
  
  80f79ef136a8b4866bc7be1669584361b9a0ab23
- SHA256
  
  5ab77cc5db8e1544d386fd28586598317da8dcbef098fb86d8d8a60e739e0e5d
- SHA512
  
  71f9b4d30d41a28de009ddfbe6c9328a905dba6bb83623e14e252a255b641b88307c51754d509bed608a44882c5bfb9502bd1a533162a13d78d45c10140ed2e1
- SSDEEP
  
  98304:h4wQAqtHLRf+ZUSlVtwXgGN0gBl5NZsggKnHvibc0PMkFA9q068ZrS+O9mblF8G:mwzq5RGJlViXNHJsgXc/P1m9q0HNJuG
Score

1^/10
behavioral5 behavioral6
- Target
  
  pictrexclient-main/pictrex.exe
- Size
  
  9.4MB
- MD5
  
  e21afb0ebb35ac0b16ce4d5fdc053966
- SHA1
  
  186930b6c3f35e440a3b53c85a1cfc407893ea2a
- SHA256
  
  3cebcb7f6b293810f106656b269d6c54868018dead0b5b2ec74d1a336abb7731
- SHA512
  
  501e4dbe83daa7981dfaffafc741a9161332617a00b043c412c413b3d9dfc57efd85bd4f23277a8e9c1324266bec11cf3cc4669276ef694cc10a42c598a5bdff
- SSDEEP
  
  196608:13u78K/dY3pvuuDfyGR21X5Sp6GemDMPwWRA+xW0o8PYPGAfhzH:Vu7L/dY3pJDfDspfaMPlR+8PEt
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral7 behavioral8
- Target
  
  pictrexclient-main/run.dll
- Size
  
  13.1MB
- MD5
  
  b6fc1a8f648448de0bd61a0e9acda2df
- SHA1
  
  867ee3a88770d3980ffa8e38305d06efc7260ca9
- SHA256
  
  e268219a33cf3898c16ae364efc79a4a656c87d2ee67fd872b079aca769fd97e
- SHA512
  
  9349d8272d66cfe9d98155166deac902be87283e1fd442001a789d3ee9bdcfd4c0f53d26c158c7baa7f81f4d951b3fcbea5f8e21eb753505dfd57d172bedd479
- SSDEEP
  
  98304:DeNXISQ2bTVcsM9mYx1ylJYZFMKUQN/Bj9:DeNXaGVc7my1sYVUQl
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10