104c4024079b3d63d1e57f6a4104ef3ba3272a85d88e4b364d9364d5fda06f1d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bace629c868338471fb1506fbd9b53f0N.exe
Size

8.9MB
Sample

240818-k6l9tswgla
MD5

bace629c868338471fb1506fbd9b53f0
SHA1

f9b1f5f3d3a47a8250b34220e82b470ee1736c0a
SHA256

104c4024079b3d63d1e57f6a4104ef3ba3272a85d88e4b364d9364d5fda06f1d
SHA512

08d7ac5509cad1825058dff5337073e5dbf80e0daedd0f030d192c96bad962ca1cc8e7fdc111dd4c18ca61750ce32b11cfb3f1841bc1946d559952cc666f1f81
SSDEEP

196608:hiYEksgmPQf8aqSoTljeCsXDjDddJolpPgToa10/PXdwWlDGFOnJOTJK:rEkHmPQfiSoZjeCEDHJ83a10HXdwWwsG

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  bace629c868338471fb1506fbd9b53f0N.exe
- Size
  
  8.9MB
- MD5
  
  bace629c868338471fb1506fbd9b53f0
- SHA1
  
  f9b1f5f3d3a47a8250b34220e82b470ee1736c0a
- SHA256
  
  104c4024079b3d63d1e57f6a4104ef3ba3272a85d88e4b364d9364d5fda06f1d
- SHA512
  
  08d7ac5509cad1825058dff5337073e5dbf80e0daedd0f030d192c96bad962ca1cc8e7fdc111dd4c18ca61750ce32b11cfb3f1841bc1946d559952cc666f1f81
- SSDEEP
  
  196608:hiYEksgmPQf8aqSoTljeCsXDjDddJolpPgToa10/PXdwWlDGFOnJOTJK:rEkHmPQfiSoZjeCEDHJ83a10HXdwWwsG
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2