b1c680e9e56f42c48ca592fcd688500fb073ee3fdd8a36c584ab86cae9a225a0 | Triage

Submit
Reports

Overview

overview

7

Static

static

b1c680e9e5...in.exe

windows7_x64

7

b1c680e9e5...in.exe

windows10_x64

7

Sharing

General

Target

b1c680e9e56f42c48ca592fcd688500fb073ee3fdd8a36c584ab86cae9a225a0.bin
Size

259KB
Sample

201103-487ke4s83x
MD5

86d510eb9e29b3e3a7e35e0d28d905db
SHA1

b7fb5af7efbc5dc4c1324f0be237acf57202a2e3
SHA256

b1c680e9e56f42c48ca592fcd688500fb073ee3fdd8a36c584ab86cae9a225a0
SHA512

cf0e7196727c97948f6455ea3372b89eb37f0968e5409df6c160461ea116ceec53de6c5286f57ed94027de9f92f610f486fa99a8b98258320e97d21a0e549167

Score

7^/10

discovery spyware

Static task

static1

Behavioral task

behavioral1

Sample

b1c680e9e56f42c48ca592fcd688500fb073ee3fdd8a36c584ab86cae9a225a0.bin.exe

Resource

win7v20201028

discovery spyware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

b1c680e9e56f42c48ca592fcd688500fb073ee3fdd8a36c584ab86cae9a225a0.bin.exe

Resource

win10v20201028

discovery spyware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  b1c680e9e56f42c48ca592fcd688500fb073ee3fdd8a36c584ab86cae9a225a0.bin
- Size
  
  259KB
- MD5
  
  86d510eb9e29b3e3a7e35e0d28d905db
- SHA1
  
  b7fb5af7efbc5dc4c1324f0be237acf57202a2e3
- SHA256
  
  b1c680e9e56f42c48ca592fcd688500fb073ee3fdd8a36c584ab86cae9a225a0
- SHA512
  
  cf0e7196727c97948f6455ea3372b89eb37f0968e5409df6c160461ea116ceec53de6c5286f57ed94027de9f92f610f486fa99a8b98258320e97d21a0e549167
Score

7^/10

discovery spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspyware

behavioral2

discoveryspyware

© 2018-2024

Terms | Privacy