81a7a67ddbd184f8b8f16f5de340028e81a949989462b75eed8cd168a84ad6c4 | Triage

Resubmissions

02-03-2022 23:33

220302-3j8hnaacdj 10

02-03-2022 23:28

220302-3ght8aaccj 10

Sharing

General

Target

bitcoin_autopilot.zip
Size

551KB
Sample

220302-3j8hnaacdj
MD5

722c0396a9e47a2dd0965c5c15e2c456
SHA1

506f7f0004f1f72a4b67a7178f76d88da328d02a
SHA256

81a7a67ddbd184f8b8f16f5de340028e81a949989462b75eed8cd168a84ad6c4
SHA512

f590f8dc6c48ac43837d70dde99b034bf6860558b49de9354dae7a90efab722ee1acaba4a804ce96b6804be026339aa586cb70530ec8ae84cd5475faa072bdb4

Score

10^/10

Malware Config

Targets

- Target
  
  bitcoin_autopilot.exe
- Size
  
  555KB
- MD5
  
  9a54e89dae9ce99c81fec028dc90e868
- SHA1
  
  0b9400e78efc3c7c6c5f0b6397bb0809e1c998bf
- SHA256
  
  ad2c7b793cdae7e3d05fb827021f069885aedb5069f665fa33d67df745e8a038
- SHA512
  
  2a4d78f488facde3528d1d0d7f7af2e27fdf8b613736824a22d4f45b44420f19c5bc4b7984bc3a49fc47ae59045b82e2df8e9b0223e368d80b347e22a9f3a6b0
Score

10^/10
- Suspicious use of NtCreateProcessExOtherParentProcess
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2