ea18ab128f0795e2d020d21b2189bcf25da6ac310e5a15d9aeebfb2be1114f31 | Triage

Sharing

General

Target

file.exe
Size

312KB
Sample

230420-2pdd2acg46
MD5

bd737b740c3ec31380ee4bb4e94f0b6c
SHA1

516e8f64e1980e484ca0bd39ef253d8fd7609e83
SHA256

ea18ab128f0795e2d020d21b2189bcf25da6ac310e5a15d9aeebfb2be1114f31
SHA512

e39faf5b0d4be5514688cc0eefb2febdf3442be4095aebff5b497b7008a8e1bdc193ef784b175be8db1bc4a8141ed6de73f382492ecdeebe69b69ba2a162af29
SSDEEP

6144:n7LK6a0pBKlG2HNjhAqRWn4+0VHzdlj5AzbFY5nDe0j:n7ejmIlGENPRW4bHzb5AzRYBDe

Score

6^/10

spyware

Malware Config

Targets

- Target
  
  file.exe
- Size
  
  312KB
- MD5
  
  bd737b740c3ec31380ee4bb4e94f0b6c
- SHA1
  
  516e8f64e1980e484ca0bd39ef253d8fd7609e83
- SHA256
  
  ea18ab128f0795e2d020d21b2189bcf25da6ac310e5a15d9aeebfb2be1114f31
- SHA512
  
  e39faf5b0d4be5514688cc0eefb2febdf3442be4095aebff5b497b7008a8e1bdc193ef784b175be8db1bc4a8141ed6de73f382492ecdeebe69b69ba2a162af29
- SSDEEP
  
  6144:n7LK6a0pBKlG2HNjhAqRWn4+0VHzdlj5AzbFY5nDe0j:n7ejmIlGENPRW4bHzb5AzRYBDe
Score

6^/10

spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2