Overview

overview

7

Static

static

3

eb2bc1cbbf...8f.exe

windows7-x64

7

eb2bc1cbbf...8f.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8091536191.zip

  • Size

    41.7MB

  • Sample

    221003-1ejydsgdf5

  • MD5

    9d26e1f8fc7fab5130a660662dac3b74

  • SHA1

    c6cc83a5adb46b010bafc7619b884f494151a5bf

  • SHA256

    41d1b6aeeb122adcd832a90eaae14f7045bcb74781b5dd1931b6156f72e106a3

  • SHA512

    14135ae8132452c3f8cc0e79d99d465170382bd19029b22d5f399f47f83dc56dec84bbe7be6977967f7490ff7deea3d157afdca22110be30b26d8c5c611cbcf4

  • SSDEEP

    786432:tUJWVq9xzgbBFzST+NRfx60lU8Er+phkSlBIsuHItcYxgt+Jj+NVd+mCv0w/:tUJWVExz4B9STuRffl9E6vB6/t+Jj+NI

Score
7/10
pyinstallerspyware

Malware Config

Targets

    • Target

      eb2bc1cbbfd11b775c265b4b75ee6456f62a69a3d7c1a4ab2d08e0209bfd418f

    • Size

      41.9MB

    • MD5

      835f79c8089263b59bf9d295c7275949

    • SHA1

      5c91ae2d69404649510550ed0b836230896c222c

    • SHA256

      eb2bc1cbbfd11b775c265b4b75ee6456f62a69a3d7c1a4ab2d08e0209bfd418f

    • SHA512

      58986f125138c2115ca74bd9def9d8384a312ef37351ee923e3545c9bc2217bae3ad57352bd2e98a0f76b938f3f625c34c63e1af904b066708d5e2330798f25a

    • SSDEEP

      786432:RmPF3/HPPMUGF8WWxUdYhkcachFphEsZWGlso5EYWaPpa//c7g1diPbRH25QPKJR:Rm9v8UGF8WWxUtAFphEqZd5EG8c8HiDC

    Score
    7/10
    spyware

    • Loads dropped DLL

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks