observer | 5b2b8a4d5b8375a3ac2ce68b93cdbfdc8fd13d1cf4ea1a6a61bd784aa495dbfb | Triage

Sharing

General

Target

observer (1)01
Size

371KB
Sample

240809-z11ycsyhrn
MD5

e9dda8ccde5385e8d0a7f0bdc361e51d
SHA1

863734caf0cb94dce610fe49eeebe438a7096dfb
SHA256

5b2b8a4d5b8375a3ac2ce68b93cdbfdc8fd13d1cf4ea1a6a61bd784aa495dbfb
SHA512

960cbd75e519bd4593b3d313834abe687dfd7de58b22d65384e27262598508f20b2d14d8fa5ceda422287495f5a75ccf494db69e61a96ca34aa12f870d1c7d93
SSDEEP

6144:UvIAage6geI62bhgkHWdVwVZN42ZApv5Fd3MkHg/rRq9/fbsMS2GFjOw:m2ReyKkHWjwVZpZoDdQ0LW

Score

10^/10

observer discovery stealer

Malware Config

Extracted

Family

observer

C2

http://5.42.66.25:3000

Targets

- Target
  
  observer (1)01
- Size
  
  371KB
- MD5
  
  e9dda8ccde5385e8d0a7f0bdc361e51d
- SHA1
  
  863734caf0cb94dce610fe49eeebe438a7096dfb
- SHA256
  
  5b2b8a4d5b8375a3ac2ce68b93cdbfdc8fd13d1cf4ea1a6a61bd784aa495dbfb
- SHA512
  
  960cbd75e519bd4593b3d313834abe687dfd7de58b22d65384e27262598508f20b2d14d8fa5ceda422287495f5a75ccf494db69e61a96ca34aa12f870d1c7d93
- SSDEEP
  
  6144:UvIAage6geI62bhgkHWdVwVZN42ZApv5Fd3MkHg/rRq9/fbsMS2GFjOw:m2ReyKkHWjwVZpZoDdQ0LW
Score

10^/10

observer discovery stealer
- Observer
  Observer is an infostealer written in C++.
  stealer observer
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

observerdiscoverystealer