Overview

overview

6

Static

static

3

9eb758edc7...b6.exe

windows7-x64

1

9eb758edc7...b6.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c726a4eba148b17c9ccf3692fbc90701.bin

  • Size

    829KB

  • Sample

    230503-cmkmwsdd38

  • MD5

    638f3858bfd3c42d10c32762939d6a8d

  • SHA1

    2661417bc5b052ccfd4b2f36293371ebd20e257b

  • SHA256

    96ee9025b82bcb8f6e53994b9754f7c0ae15f5c50ce21a65a7243cc448597f91

  • SHA512

    5ca860cbe5131e963c97a5114b8fd4c6047d68d877b4789244977a25f21f9d6b940a9e78872e5d6cb8b12bdd0eb2ded0128bcbce304265e07e87661eb2653d8d

  • SSDEEP

    24576:HQ4xHxlZeQk+c5mh7xhjBXuzSW4i1yq5BR:HQEcQfCm1xFBDW1dF

Score
6/10
spyware

Malware Config

Targets

    • Target

      9eb758edc7a192e4a4fcfe1eac1799c1e64408cc57809628f2ae8c2114ff8eb6.exe

    • Size

      1.7MB

    • MD5

      c726a4eba148b17c9ccf3692fbc90701

    • SHA1

      52d203ff30f7a23fdc4cb45caa2efa40324a43d9

    • SHA256

      9eb758edc7a192e4a4fcfe1eac1799c1e64408cc57809628f2ae8c2114ff8eb6

    • SHA512

      8499f446c1a7ae0f52f75e61073c916e2531f09b4cf7fc133c63b874d3c42a5cddc280f8b9b9d1be038c6bb789e763213c8d0a1e27add3796cb3a46523ea707e

    • SSDEEP

      49152:rbwfYXOdg8BnGyKkv6dfaAHYgDJY2Zuqz1:rs7sf

    Score
    6/10
    spyware

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks