General

  • Target

    sigma.exe

  • Size

    71.8MB

  • Sample

    240721-yrspyssbmh

  • MD5

    e2a577449ddda7f5cae02f351b2972df

  • SHA1

    911d0b29d8144bf02a90dbd3e4fd57593e4c38b3

  • SHA256

    74800c5fcf51b4f6da61dcbf0121455822f292251768bbaae32d21976e532875

  • SHA512

    850ec616bd2d314308ef73b6040856e2dc422b9bad77153e0892ab665f09672b833d1c6630a6ea0599174afecd467ccf3e45b8338c678fc50d155f46d55e8477

  • SSDEEP

    1572864:1J0LX5WJoWbgWRSgkNOXWxtQSNriI5sOX6ydpRWtjcuXxhBt:nuX5M3gbcKCk5nX3dHeZhh

Targets

    • Score

      7/10

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
