0264a3c84d3a268983747939a9345ccdd32e2614133e362803cc992e0aaf6897 | Triage

Submit
Reports

Overview

overview

8

Static

static

cuentas.exe

windows7_x64

8

cuentas.exe

windows10_x64

8

Sharing

General

Target

cuentas.exe
Size

703KB
Sample

200711-3541hvjgka
MD5

4257c31396f2298a0ff642464ea2de68
SHA1

cb2ac642f5743533b79fef9bd4e97da0b1c18aef
SHA256

0264a3c84d3a268983747939a9345ccdd32e2614133e362803cc992e0aaf6897
SHA512

daf209fb4abe928c974d2ddef6dd40b2b29a02cf9c6b66b386a0a6b240fafd9a285ceb3eee04466fbe8e59ce1d91856b26a22ea8e71d66343673b9bed5f2933f

Score

8^/10

spyware

Static task

static1

Behavioral task

behavioral1

Sample

cuentas.exe

Resource

win7v200430

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

cuentas.exe

Resource

win10

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  cuentas.exe
- Size
  
  703KB
- MD5
  
  4257c31396f2298a0ff642464ea2de68
- SHA1
  
  cb2ac642f5743533b79fef9bd4e97da0b1c18aef
- SHA256
  
  0264a3c84d3a268983747939a9345ccdd32e2614133e362803cc992e0aaf6897
- SHA512
  
  daf209fb4abe928c974d2ddef6dd40b2b29a02cf9c6b66b386a0a6b240fafd9a285ceb3eee04466fbe8e59ce1d91856b26a22ea8e71d66343673b9bed5f2933f
Score

8^/10

spyware
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy