General

  • Target: 568326883f9157fe8f1a7c681e2df341973a75205cf81d627040d101ce24f1bb.bin
  • Size: 13.1MB
  • Sample: 210105-qyr5598gna
  • MD5: a7f3e4b00b03cb8d28db7961626c757c
  • SHA1: 02873790ac509f38bb502c7f4902d1dbe7acc915
  • SHA256: 568326883f9157fe8f1a7c681e2df341973a75205cf81d627040d101ce24f1bb
  • SHA512: edb361482c1439827a8610dec0601fc34f504606a3781fba45c0861b8e3fe552b543b56b6443b8473cc76aeec544c1ca4fb9e92fc3a5a1a7f6b064276838de48

Score: 10/10

Malware Config

Targets

    • Detect ElectroRat cryptocurrency stealer
    • ElectroRat: a stealer family that often targets cryptocurrency users and is distributed via fake cryptocurrency applications.
    • Drops startup file
    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Matrix (ATT&CK v6)

  • Discovery: System Information Discovery (T1082), 1 technique
  • Command and Control: Web Service (T1102), 1 technique