7bc04e93e35f7f41b9aaf40d78e7bef44ef6aefb738f20812eed1c59640eb7a5 | Triage

Resubmissions

02-08-2024 16:29

240802-tzbzys1ejp 7

Sharing

General

Target

zumext.exe
Size

10.3MB
Sample

240802-tzbzys1ejp
MD5

efb9a26c03e7d47017b4e521c49ebda7
SHA1

723741c9e6b8c5aa00c2ec6d1749d2195ea7732e
SHA256

7bc04e93e35f7f41b9aaf40d78e7bef44ef6aefb738f20812eed1c59640eb7a5
SHA512

9e4c3db150daf856c0dbe4e28b159cda0d9abbe32a7e2ca321e290b9bed56e774aab9f0bfda439ec8b6d14b1affff9ca05e7ee7849bca755cf2479d80846614d
SSDEEP

196608:+P+ZcdqBA1HeT39IigwjeE9TFa0Z8DOjCdylLhYMfVHjZQIhKoXKh:BZc4q1+TtIiFKY9Z8D8Ccldl52sXKh

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  zumext.exe
- Size
  
  10.3MB
- MD5
  
  efb9a26c03e7d47017b4e521c49ebda7
- SHA1
  
  723741c9e6b8c5aa00c2ec6d1749d2195ea7732e
- SHA256
  
  7bc04e93e35f7f41b9aaf40d78e7bef44ef6aefb738f20812eed1c59640eb7a5
- SHA512
  
  9e4c3db150daf856c0dbe4e28b159cda0d9abbe32a7e2ca321e290b9bed56e774aab9f0bfda439ec8b6d14b1affff9ca05e7ee7849bca755cf2479d80846614d
- SSDEEP
  
  196608:+P+ZcdqBA1HeT39IigwjeE9TFa0Z8DOjCdylLhYMfVHjZQIhKoXKh:BZc4q1+TtIiFKY9Z8D8Ccldl52sXKh
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1
- Target
  
  dauth.pyc
- Size
  
  8KB
- MD5
  
  37243c13c1776a2ff70e615de9421dc0
- SHA1
  
  fa6a6cb92dd614bdf53fdf46a0e8baeffeba8696
- SHA256
  
  176663533861af125b5173a076d960cbf9856835770360c4a2caf7edb70fbe15
- SHA512
  
  d938399e7ee0c5d2962a420c40a9c2e00220503322d226518654f313e65841434e45da5ede3daa864d68c3f82e8b9fcb4df024f45f56b659d4342bb053ada752
- SSDEEP
  
  192:cVstv5M0UQFqCiDY0+q7IKQMW9vsJbWEc:AEheZU7KQ9vsJbI
Score

3^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2