Overview

overview

7

Static

static

3

thread.exe

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    thread.exe

  • Size

    7.3MB

  • Sample

    210817-8kgecebnfe

  • MD5

    1813b415b2a363fc0f14bdd9c7cea772

  • SHA1

    2111b28bcca8c0a161a60a60a971aad3f1bcce40

  • SHA256

    d76a837e2741184fc94dc3f7fe392cb815e5243b02ff80de2d686912b39155ef

  • SHA512

    b469517859581db0abdb545d4b5efa0206b199f00a5edefb98198de4ba8366255af24d21f766ad16bb3fc3f29f35f76f654160f44187dfe09c372ecea3c44eb8

Score
7/10
pyinstallerspywarestealer

Malware Config

Targets

    • Target

      thread.exe

    • Size

      7.3MB

    • MD5

      1813b415b2a363fc0f14bdd9c7cea772

    • SHA1

      2111b28bcca8c0a161a60a60a971aad3f1bcce40

    • SHA256

      d76a837e2741184fc94dc3f7fe392cb815e5243b02ff80de2d686912b39155ef

    • SHA512

      b469517859581db0abdb545d4b5efa0206b199f00a5edefb98198de4ba8366255af24d21f766ad16bb3fc3f29f35f76f654160f44187dfe09c372ecea3c44eb8

    Score
    7/10
    spywarestealer

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks