c35bd349eed411b8afd113c3fd6cb0b25ac621b9bb6cc3dc692ebbe597bdc0e5 | Triage

Sharing

General

Target

ZetWallet_Beta.exe
Size

60.5MB
Sample

221221-qfdgwsfd81
MD5

f9f89e5376f32d472ccf86ac779c5c99
SHA1

b1141325295c7659a589a76b7a6424637412a2d9
SHA256

c35bd349eed411b8afd113c3fd6cb0b25ac621b9bb6cc3dc692ebbe597bdc0e5
SHA512

ede0f2ccaa0eb59da7586da0cfadea0b7820fb84b3aff78b16c77a5770e838ab87af4229cdb67f4dade48c4b7d89116c46064771c9453f277e80664633e3d408
SSDEEP

1572864:tywaLGMGgbcZdwIkWbLKZn7hBI/+wSI8EvBO4I4XSYOuRbk:tywAzVbcZdwIzUhBImw2mOdSSYOX

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  ZetWallet_Beta.exe
- Size
  
  60.5MB
- MD5
  
  f9f89e5376f32d472ccf86ac779c5c99
- SHA1
  
  b1141325295c7659a589a76b7a6424637412a2d9
- SHA256
  
  c35bd349eed411b8afd113c3fd6cb0b25ac621b9bb6cc3dc692ebbe597bdc0e5
- SHA512
  
  ede0f2ccaa0eb59da7586da0cfadea0b7820fb84b3aff78b16c77a5770e838ab87af4229cdb67f4dade48c4b7d89116c46064771c9453f277e80664633e3d408
- SSDEEP
  
  1572864:tywaLGMGgbcZdwIkWbLKZn7hBI/+wSI8EvBO4I4XSYOuRbk:tywAzVbcZdwIzUhBImw2mOdSSYOX
Score

8^/10

discovery
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2