General
Target: TradingView-x64.zip
Size: 16.9MB
Sample: 221217-a5secaag8v
MD5: 951ce7a9b35edf359f86e8dc95088978
SHA1: 447f863bf00a7a9859cec29743f6540bba93be02
SHA256: 68f5285dfe87afb365e7b62a999d517fe4122ccbe82571c059803409f9182679
SHA512: 5bfc08f6cfd8b87a59fb2a53614af173c52a36792ffcf97db2b94bda731a5eb4f8be58964e0716f6f6fa0b3973f303a65e03e6bdc614d846ae1b2813f2ee0ece
SSDEEP: 393216:Buscg4NaECI4Uwmpe2rHrER224Av4KLRZw/Fc9YFYIFb:8cG62U4KLRoFc9YCub
Static task: static1
Behavioral task: behavioral1
Sample: TradingView-x64/TradingView Desktop.exe
Resource: win7-20220812-en
Malware Config
Targets
Target: TradingView-x64/TradingView Desktop.exe
Size: 395KB
MD5: b91f1d5bf7dfcb98f34ff278ffbaa6fe
SHA1: 3d8b75f608bc44c278bd9323fd1b3153d8775152
SHA256: 2ec0754442f816dab7532fc89c9aa42452fa415b49fa0e7c601ec48877753f23
SHA512: 6c058c2d4566b4aec5c6ddc5b8e30c47bc5be4242bf5e50890ea3a4a5b3e7efd8ff34a6dd542b3b7c932a2507574ab7866a415f1c20a1fc26ac15c73e22758a2
SSDEEP: 12288:++S3+5jXRqTRxK7ilVyptwO5Rczcn7GI:+tK9AhCtw0g
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext