13db34cab435d9858269c5e823f4b575.exe

General
Target

13db34cab435d9858269c5e823f4b575.exe

Size

1MB

Sample

210408-5qqwk1hre2

Score
8 /10
MD5

13db34cab435d9858269c5e823f4b575

SHA1

c6e9c301d3cfaf6671490c47c1ed4eb59f343f21

SHA256

63ca5cde7141ae503639f3022f4dc4a244e8b19bf320d55a9567789aa632d036

SHA512

dfd36c39b35cf1aed2b76e38d4a08c41792611cf886d337d129a19c963878cc53fb7a0d71e078d2d38e61d8341a938869686f62673f080a7182020cd08c2c6a8

Signatures

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Description: Infostealers often target stored browser data, which can include saved credentials etc.

    TTPs: Data from Local System; Credentials in Files

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    TTPs: Data from Local System; Credentials in Files

  • Checks installed software on the system

    Description: Looks up Uninstall key entries in the registry to enumerate software on the system.

    TTPs: Query Registry

  • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tactic columns: Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

  • static1

  • behavioral1: 8/10

  • behavioral2: 8/10