allcome | bf00a990eb93a4696f6b5d6029d654ce3e2959b14db849c6630c17256c7aa31b | Triage

Resubmissions

25-12-2022 15:09

221225-sjk29aeg6z 10

22-11-2022 09:47

221122-lr6wcshc34 10

Sharing

General

Target

bf00a990eb93a4696f6b5d6029d654ce3e2959b14db849c6630c17256c7aa31b
Size

871KB
Sample

221225-sjk29aeg6z
MD5

8dcec334c74becd217f0f61c53a45a54
SHA1

02a178c1bdd24a780c491c2efe1dcf6bb6be13f7
SHA256

bf00a990eb93a4696f6b5d6029d654ce3e2959b14db849c6630c17256c7aa31b
SHA512

bf8b6f0043aa222be36c4c6816a95a62a8cc17bbee4454d110d590e2bde7e3ca60504cae01196cf6a2a31f92dd874517fde082dfa505a394b2bf2bbda3a76695
SSDEEP

12288:q39riVwf3iJ+HN3TF4W7Wba0WGU68RnAgqgNYEgeGEKDBjs2sd0psmCA+Pdm7Y7a:qNriy/fTFOzgCGTjUDn/MI9d

Score

10^/10

allcome stealer

Malware Config

Extracted

Family

allcome

C2

http://dba692117be7b6d3480fe5220fdd58b38bf.xyz/API/2/configure.php?cf6zrlhn=finarnw

Targets

- Target
  
  bf00a990eb93a4696f6b5d6029d654ce3e2959b14db849c6630c17256c7aa31b
- Size
  
  871KB
- MD5
  
  8dcec334c74becd217f0f61c53a45a54
- SHA1
  
  02a178c1bdd24a780c491c2efe1dcf6bb6be13f7
- SHA256
  
  bf00a990eb93a4696f6b5d6029d654ce3e2959b14db849c6630c17256c7aa31b
- SHA512
  
  bf8b6f0043aa222be36c4c6816a95a62a8cc17bbee4454d110d590e2bde7e3ca60504cae01196cf6a2a31f92dd874517fde082dfa505a394b2bf2bbda3a76695
- SSDEEP
  
  12288:q39riVwf3iJ+HN3TF4W7Wba0WGU68RnAgqgNYEgeGEKDBjs2sd0psmCA+Pdm7Y7a:qNriy/fTFOzgCGTjUDn/MI9d
Score

10^/10

allcome stealer
- Allcome
  A clipbanker that supports stealing different cryptocurrency wallets and payment forms.
  stealer allcome
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3