e7cf16e7e4fac1aafb98e10b36c5b129df9a372d03bdebcc5cb77f7bb1139be7 | Triage

Sharing

General

Target

b329525d2d62f10d7a8fdb25bb9d9a43.exe
Size

1.7MB
Sample

230303-eynj2aff61
MD5

b329525d2d62f10d7a8fdb25bb9d9a43
SHA1

43190e85312bd69cda8c094a0085ea188832bbbc
SHA256

e7cf16e7e4fac1aafb98e10b36c5b129df9a372d03bdebcc5cb77f7bb1139be7
SHA512

053f1ff542bf1ac0bbbfc4f320c62cc5b63092f7ff0b882c0d7d8bf7b3a3609c42b817d2d527f9f8841035d5883eea91676b93fbc60779d68d119ee1e1460ad1
SSDEEP

6144:8GeEeHycW2dJDPEu0asM763jnJioXhbDJOTulPkkKeYBtEloF:

Score

6^/10

spyware

Malware Config

Targets

- Target
  
  b329525d2d62f10d7a8fdb25bb9d9a43.exe
- Size
  
  1.7MB
- MD5
  
  b329525d2d62f10d7a8fdb25bb9d9a43
- SHA1
  
  43190e85312bd69cda8c094a0085ea188832bbbc
- SHA256
  
  e7cf16e7e4fac1aafb98e10b36c5b129df9a372d03bdebcc5cb77f7bb1139be7
- SHA512
  
  053f1ff542bf1ac0bbbfc4f320c62cc5b63092f7ff0b882c0d7d8bf7b3a3609c42b817d2d527f9f8841035d5883eea91676b93fbc60779d68d119ee1e1460ad1
- SSDEEP
  
  6144:8GeEeHycW2dJDPEu0asM763jnJioXhbDJOTulPkkKeYBtEloF:
Score

6^/10

spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2