e08fe3a548d908ff94ce5b5934aa6beeef9165dae8b4fc60de41b34dc2dd59a2 | Triage

Resubmissions

06-01-2023 05:18

230106-fzdxnahh3s 8

06-01-2023 04:11

230106-erznqahg5z 8

Sharing

General

Target

test.zip
Size

1.8MB
Sample

230106-erznqahg5z
MD5

ffb1aceb3f93be1d4f133f3db7640548
SHA1

df4878998bfbefb4a65a877a186bea273539403c
SHA256

e08fe3a548d908ff94ce5b5934aa6beeef9165dae8b4fc60de41b34dc2dd59a2
SHA512

0057965666981ce275a98dc3f5b964617497fbacddcb594be2f20d1e12310feafb7e10e00ad52116fed175a6755841329d0dfeecda9be2eb471eb75f8bcc159f
SSDEEP

24576:sYI2jhO+9Mbm9wtJ8umb89ehRgCkf3h775HmYTcnR5OSBrV:I+O+Y+umbae8nfx1H9onXXx

Score

8^/10

spyware

Malware Config

Targets

- Target
  
  test.scr
- Size
  
  734.9MB
- MD5
  
  e47fa5b703764885b6bea8aded50675b
- SHA1
  
  8ca16594f5f3a4b58f4150b8811a8ce0dfdfab82
- SHA256
  
  303eb6c7e0c940679ac030c41c359d1b3ece51e4ee09d465001eddef435a2f11
- SHA512
  
  12a652dc7d831a059eea3271509ea2d5d705a33d0a9d45d725586835f85551db0b167af1e3d3d6e1734f46494a07701748e1b624232ecb131d107fe7d0dbb71a
- SSDEEP
  
  49152:7obxvbkfN8ObOQzhSSsOfADj58uFxDEF4B6iiw/n:8dvgN8yaDquFxDbSC
Score

8^/10

spyware
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2