General

  • Target

    SvCpJuhbT.exe

  • Size

    1.7MB

  • Sample

    230502-me9l6ace3v

  • MD5

    c726a4eba148b17c9ccf3692fbc90701

  • SHA1

    52d203ff30f7a23fdc4cb45caa2efa40324a43d9

  • SHA256

    9eb758edc7a192e4a4fcfe1eac1799c1e64408cc57809628f2ae8c2114ff8eb6

  • SHA512

    8499f446c1a7ae0f52f75e61073c916e2531f09b4cf7fc133c63b874d3c42a5cddc280f8b9b9d1be038c6bb789e763213c8d0a1e27add3796cb3a46523ea707e

  • SSDEEP

    49152:rbwfYXOdg8BnGyKkv6dfaAHYgDJY2Zuqz1:rs7sf

Score
6/10

Malware Config

Targets

    • Target

      SvCpJuhbT.exe

    • Size

      1.7MB

    • MD5

      c726a4eba148b17c9ccf3692fbc90701

    • SHA1

      52d203ff30f7a23fdc4cb45caa2efa40324a43d9

    • SHA256

      9eb758edc7a192e4a4fcfe1eac1799c1e64408cc57809628f2ae8c2114ff8eb6

    • SHA512

      8499f446c1a7ae0f52f75e61073c916e2531f09b4cf7fc133c63b874d3c42a5cddc280f8b9b9d1be038c6bb789e763213c8d0a1e27add3796cb3a46523ea707e

    • SSDEEP

      49152:rbwfYXOdg8BnGyKkv6dfaAHYgDJY2Zuqz1:rs7sf

    Score
    6/10
    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks