822b83bbff1ef6e01b2c3e05adbd526fe6497019222712f537f10bb3562f07dd | Triage

Sharing

General

Target

28870d10a69d01ddcf1f358e0c8a837a.exe
Size

1.7MB
Sample

221103-wd1sasfdgn
MD5

28870d10a69d01ddcf1f358e0c8a837a
SHA1

667f6f994eb8a0dbf1b6676b4b2ae0cc96d24107
SHA256

822b83bbff1ef6e01b2c3e05adbd526fe6497019222712f537f10bb3562f07dd
SHA512

726eb005d78040476ce2d536e5decd459163271f36ef1c720de7c13458985a4b20bd501ca612a14857b8576181c173ee3478ad18755bfab716b9e60fb133860a
SSDEEP

49152:v3EAyeAeD4PWptXDLC1l+74RZv14sn3I+ECVL:PTyeAqCGNQ00RBas3

Score

8^/10

spyware

Malware Config

Targets

- Target
  
  28870d10a69d01ddcf1f358e0c8a837a.exe
- Size
  
  1.7MB
- MD5
  
  28870d10a69d01ddcf1f358e0c8a837a
- SHA1
  
  667f6f994eb8a0dbf1b6676b4b2ae0cc96d24107
- SHA256
  
  822b83bbff1ef6e01b2c3e05adbd526fe6497019222712f537f10bb3562f07dd
- SHA512
  
  726eb005d78040476ce2d536e5decd459163271f36ef1c720de7c13458985a4b20bd501ca612a14857b8576181c173ee3478ad18755bfab716b9e60fb133860a
- SSDEEP
  
  49152:v3EAyeAeD4PWptXDLC1l+74RZv14sn3I+ECVL:PTyeAqCGNQ00RBas3
Score

8^/10

spyware
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2