Overview

overview

7

Static

static

185.246.22...23.exe

windows7-x64

7

185.246.22...23.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    185.246.220.121_-_vik_-_HHG.exe___58b8732ed17532b518bd90b68b934b23.dat

  • Size

    282KB

  • Sample

    230125-n13amsfh63

  • MD5

    58b8732ed17532b518bd90b68b934b23

  • SHA1

    dbb672289a9ebde17cb77424615a1c186995d1f3

  • SHA256

    f6eb53bca5075725d889aa5de1f4541cd764bed2bd46aeefcfa4a1b018b6a4fb

  • SHA512

    824e7e7cdccb4d60f72ad70fd73ea8184b1ed7b1d7b2e9a9426ec58380f3f4f769bee8b55d5d8c2450a6bfe37a2f737cc6a88c77e6bf1dde1984edc8c4e3b75c

  • SSDEEP

    6144:Z4CJRQliHM5ZsM5Iszp/znpBIZYJrAHAY7e1+vJmuxt:VuYMx5IshzrInH34+Bmuxt

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      185.246.220.121_-_vik_-_HHG.exe___58b8732ed17532b518bd90b68b934b23.dat

    • Size

      282KB

    • MD5

      58b8732ed17532b518bd90b68b934b23

    • SHA1

      dbb672289a9ebde17cb77424615a1c186995d1f3

    • SHA256

      f6eb53bca5075725d889aa5de1f4541cd764bed2bd46aeefcfa4a1b018b6a4fb

    • SHA512

      824e7e7cdccb4d60f72ad70fd73ea8184b1ed7b1d7b2e9a9426ec58380f3f4f769bee8b55d5d8c2450a6bfe37a2f737cc6a88c77e6bf1dde1984edc8c4e3b75c

    • SSDEEP

      6144:Z4CJRQliHM5ZsM5Iszp/znpBIZYJrAHAY7e1+vJmuxt:VuYMx5IshzrInH34+Bmuxt

    Score
    7/10
    spywarestealer

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

1
T1059

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Credentials in Files

1
T1081

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks