observer | bb17d47f10fefcee4c883f93f2989e753b969298dd70262ae00696dd482dc9b4 | Triage

Sharing

General

Target

observer (4)07
Size

380KB
Sample

240809-z2kb1azajm
MD5

371e14f7e146ff22cb9ebe2f78cbfb7f
SHA1

2fde663b31a46e83f3034464674ad3f3a85f6972
SHA256

bb17d47f10fefcee4c883f93f2989e753b969298dd70262ae00696dd482dc9b4
SHA512

457cb7d4056200a4bcde4390d411e7f886e8b2fb00aef3d15d68b22c5d09bff74eeca9b241a6e69252a1e91acdaa97c23904ef8bbd5f6d6d3f852233a89c1eab
SSDEEP

3072:D7g6EFujqoyCdr5vWh6fPpyuvFU4F+fHRfAGdtq6mDBVz8gJeRvqol4c4QqVo+Po:Hg6EFYdNOhN5N63h8gCr4bQcPfIu3Rpm

Score

10^/10

observer discovery stealer

Malware Config

Extracted

Family

observer

C2

http://5.42.66.25:3000

Targets

- Target
  
  observer (4)07
- Size
  
  380KB
- MD5
  
  371e14f7e146ff22cb9ebe2f78cbfb7f
- SHA1
  
  2fde663b31a46e83f3034464674ad3f3a85f6972
- SHA256
  
  bb17d47f10fefcee4c883f93f2989e753b969298dd70262ae00696dd482dc9b4
- SHA512
  
  457cb7d4056200a4bcde4390d411e7f886e8b2fb00aef3d15d68b22c5d09bff74eeca9b241a6e69252a1e91acdaa97c23904ef8bbd5f6d6d3f852233a89c1eab
- SSDEEP
  
  3072:D7g6EFujqoyCdr5vWh6fPpyuvFU4F+fHRfAGdtq6mDBVz8gJeRvqol4c4QqVo+Po:Hg6EFYdNOhN5N63h8gCr4bQcPfIu3Rpm
Score

10^/10

observer discovery stealer
- Observer
  Observer is an infostealer written in C++.
  stealer observer
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

observerdiscoverystealer