52c0194185bf22ad2c97d86553acdb91d6f662fdab9bf647a4126fa9be1f33cd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

KULO_Cracked.exe
Size

8.1MB
Sample

240814-xvh49atfpr
MD5

6c937036624b23ddf41c800b4de10693
SHA1

744ded22a002bd73a1048d58f71bbb9b25a56451
SHA256

52c0194185bf22ad2c97d86553acdb91d6f662fdab9bf647a4126fa9be1f33cd
SHA512

b7907b4a56d119f39272704c1d80fd115d342dec4110b8fb49145513cba0f87825042f5ef9275f90e9b33b13208c4738620591148f85d0346fc28a958039d37e
SSDEEP

196608:mnfLgdqBA1HeT39IigwdeE9TFa0Z8DOjCdylhVQf/GoXKh:cg4q1+TtIiFUY9Z8D8CclhiLXKh

Score

7^/10

discovery pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  KULO_Cracked.exe
- Size
  
  8.1MB
- MD5
  
  6c937036624b23ddf41c800b4de10693
- SHA1
  
  744ded22a002bd73a1048d58f71bbb9b25a56451
- SHA256
  
  52c0194185bf22ad2c97d86553acdb91d6f662fdab9bf647a4126fa9be1f33cd
- SHA512
  
  b7907b4a56d119f39272704c1d80fd115d342dec4110b8fb49145513cba0f87825042f5ef9275f90e9b33b13208c4738620591148f85d0346fc28a958039d37e
- SSDEEP
  
  196608:mnfLgdqBA1HeT39IigwdeE9TFa0Z8DOjCdylhVQf/GoXKh:cg4q1+TtIiFUY9Z8D8CclhiLXKh
Score

7^/10

spyware stealer discovery
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryspywarestealer