4cd4c679ca534d14d61c4be1ead38bffa132788a90c3397c873fa17e04fd801a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ledger-live-desktop-2.57.0-win-x64.rar
Size

13.2MB
Sample

230514-r3da3see4v
MD5

9eed9d3df8cf7e51bba1665d2c842fc2
SHA1

fea0d6c3fd0cc845b5680db6996cea7e059f0339
SHA256

4cd4c679ca534d14d61c4be1ead38bffa132788a90c3397c873fa17e04fd801a
SHA512

cac88b9a739577867aa181daad45cf2ec26516593acd4b7e5e72fb6eec36462e90565d9e699f626d44a8407fe871ff76763a6f7e810ade2f098d2c6405b27cd4
SSDEEP

196608:/b9QEsSs3kNFna1i3e3FjqRHTV0ClTO+ggsA0AykGun818bBzSPe:/b9YSqgng3EV3TDP0A2umG

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  ledger-live-desktop-2.57.0-win-x64/ledger-live-desktop-2.57.0-win-x64.exe
- Size
  
  14KB
- MD5
  
  ba6136993735218fedbcda5f188562d0
- SHA1
  
  f64778765329e8b1b690a402f624d4df006bec5b
- SHA256
  
  27342a96adb1b0a66190600086a43809f0c4fe2014454aa50c636db0023b6c72
- SHA512
  
  d0b8d43bdb27df865ccdbe273c633d4805c27f5936e435a3e8f29baa950b52ffa6546329b813401116c2dc9a14f061e37705e81080b3b39526230396ce833d26
- SSDEEP
  
  192:/NBjlOgJRQyFVDKOe5QG552MOKjDGExm5+xEqcmGkcW5tfW9FAw:/NxtQyFdNG552VYw5+uWRcV
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2