3a989ec907525ae8cb488002641bd24876c524141035430cb75562d08691f5c7 | Triage

Sharing

General

Target

file.exe
Size

305KB
Sample

230415-xj7cpsgg21
MD5

cbae5ce2d5c73d03569811c99b7e60d4
SHA1

465651b979221d10253bd6c648ba2448aded1340
SHA256

3a989ec907525ae8cb488002641bd24876c524141035430cb75562d08691f5c7
SHA512

711bef6fc5cb81205618535c727500b4fc6cd475c49005ffa15533fcc6624f0d5dc79d1d1e6f1d1bd2c641e5fe9d271dcd427d6ea7a6c3ce55bff90e9885d543
SSDEEP

3072:oGZ9Ri9WNrWCGjnKT0yOYAMUyXu58lAaUiKUzsg8fBy+hxB+qT3E6H4kV5aupHoV:oGRi9WLJT0yO6y0KUYfp3x/DH5l9Nd

Score

6^/10

spyware

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  305KB
- MD5
  
  cbae5ce2d5c73d03569811c99b7e60d4
- SHA1
  
  465651b979221d10253bd6c648ba2448aded1340
- SHA256
  
  3a989ec907525ae8cb488002641bd24876c524141035430cb75562d08691f5c7
- SHA512
  
  711bef6fc5cb81205618535c727500b4fc6cd475c49005ffa15533fcc6624f0d5dc79d1d1e6f1d1bd2c641e5fe9d271dcd427d6ea7a6c3ce55bff90e9885d543
- SSDEEP
  
  3072:oGZ9Ri9WNrWCGjnKT0yOYAMUyXu58lAaUiKUzsg8fBy+hxB+qT3E6H4kV5aupHoV:oGRi9WLJT0yO6y0KUYfp3x/DH5l9Nd
Score

6^/10

spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2