c81aaababd51889202033f5e6ac14c33e42e0a77196dd866bcaaa9e1eacd2361 | Triage

Resubmissions

13/09/2024, 23:01

240913-2zhfqsvbja 7

13/09/2024, 19:39

240913-yc9d6avgpf 7

Sharing

Copy URL Twitter E-mail

General

Target

Steam Cache Login Software - AccountSpider.zip
Size

107.2MB
Sample

240913-2zhfqsvbja
MD5

40a4d898f61a80f081429b1cc0813613
SHA1

7d2a173c5bb14d22b2bcf6985222826e19860e94
SHA256

c81aaababd51889202033f5e6ac14c33e42e0a77196dd866bcaaa9e1eacd2361
SHA512

5de26fa062f8f92d98a7a72f99e72409a1b9d5c752d41352edcd3ca8b7c20f7344ce8e667824d3056812d527eddfa30b26825bd4daaea9d5d3cc5a792e8cfb6b
SSDEEP

3145728:n/dukp4gwPvP+4tG5YwUSC++uy65C4H0j5ncT:nEJgwPXjtGagCMy2CY0jRcT

Score

7^/10

discovery pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  Steam Cache Login Software - AccountSpider/AccountSpider_Steam_Cache_Login.exe
- Size
  
  106.9MB
- MD5
  
  9687dd2f8d3cc0c51c6b6b58972aa37e
- SHA1
  
  46a8bfd3c6676fa2fc2b1b0d6e55e53d10fb0256
- SHA256
  
  939863492a91d0914f297f93539d139c26b0a0ff3e53958064652ab0e06adbac
- SHA512
  
  a8d6c133e66402a612034394845249c95f39e22f2ce032aadda113bad10701aebe549f65c4ed7388015c63dd164949912f5ea83ac2c624658db262ea3db6ee10
- SSDEEP
  
  3145728:I/dukp4gwPvP+4tG5YwUSC++uy65C4H0j5nc:IEJgwPXjtGagCMy2CY0jRc
Score

7^/10

discovery spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Password Policy Discovery
  Attempt to access detailed information about the password policy used within an enterprise network.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Password Policy Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryspywarestealer