4336510e80db66942038d0b3b7041ce2294823eda5c7286a41293710db530e79 | Triage

Sharing

General

Target

4336510e80db66942038d0b3b7041ce2294823eda5c7286a41293710db530e79N
Size

6.9MB
Sample

241004-rrm15syfqk
MD5

af78d823d78ba8deeeac29cef10b0500
SHA1

564369462c0c45e1a3933f3a7fd38374edfa7fc9
SHA256

4336510e80db66942038d0b3b7041ce2294823eda5c7286a41293710db530e79
SHA512

1dc8050459a3ea823b7b902bea96500e5c0cc7532aac840ea7720057369fb8e467b596698c5f801e34f5962f863ac4e3fc59d9148a667d56ae8eb20bbc63f98d
SSDEEP

196608:4e2EksgbOCsXDjDddJolpPgToa10/PXdwWlDGFOnJ8TPX:wEkHbOCEDHJ83a10HXdwWws8P

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  4336510e80db66942038d0b3b7041ce2294823eda5c7286a41293710db530e79N
- Size
  
  6.9MB
- MD5
  
  af78d823d78ba8deeeac29cef10b0500
- SHA1
  
  564369462c0c45e1a3933f3a7fd38374edfa7fc9
- SHA256
  
  4336510e80db66942038d0b3b7041ce2294823eda5c7286a41293710db530e79
- SHA512
  
  1dc8050459a3ea823b7b902bea96500e5c0cc7532aac840ea7720057369fb8e467b596698c5f801e34f5962f863ac4e3fc59d9148a667d56ae8eb20bbc63f98d
- SSDEEP
  
  196608:4e2EksgbOCsXDjDddJolpPgToa10/PXdwWlDGFOnJ8TPX:wEkHbOCEDHJ83a10HXdwWws8P
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2