General

  • Target

    Chase_Bank_Statement0143121402341.exe

  • Size

    37.4MB

  • Sample

    230522-xcnxsacg7y

  • MD5

    979701a4ed42815f310887daa902651a

  • SHA1

    f8ea2c518a17f3d2756876c4c592617e355b9b0d

  • SHA256

    edca5b156737a2927e74d0475e834240d7a4f4189d6c6116518e4fe0d80527d6

  • SHA512

    52ec756f7486755cc8df7ca56002da0d91371cab0cc79178926eed334f449a393d84416f2a8b9e517c6b1a69dbc7c194c0b3772a50f0872e42b4526b69cbefa2

  • SSDEEP

    786432:i8eyWzlMKgLrnzcBtWTCzfeXGwGjaC39DIo3:iwrLrzityj3C39v

Score
8/10
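Before reproducing any of the behaviour below, confirm that the file on your bench is the same artifact this report describes. The following added example (not part of the report or of the sandbox's own tooling) streams a file once through MD5, SHA1, SHA256 and SHA512, compares the digests against the values published above, and reports the on-disk size so it can be checked against the 37.4MB figure. The conversion to megabytes assumes a decimal unit (1 MB = 1,000,000 bytes), which the report does not state.

```python
import hashlib
import io
from typing import BinaryIO

# Digests published in the report for Chase_Bank_Statement0143121402341.exe
REPORT_HASHES = {
    "md5": "979701a4ed42815f310887daa902651a",
    "sha1": "f8ea2c518a17f3d2756876c4c592617e355b9b0d",
    "sha256": "edca5b156737a2927e74d0475e834240d7a4f4189d6c6116518e4fe0d80527d6",
    "sha512": (
        "52ec756f7486755cc8df7ca56002da0d91371cab0cc79178926eed334f449a39"
        "3d84416f2a8b9e517c6b1a69dbc7c194c0b3772a50f0872e42b4526b69cbefa2"
    ),
}
REPORT_SIZE_MB = 37.4  # size as printed in the report


def hash_stream(stream: BinaryIO, chunk_size: int = 1 << 20):
    """Hash a stream with every algorithm in REPORT_HASHES in a single pass.

    Reads in 1 MiB chunks so a multi-megabyte sample never has to be held
    in memory at once. Returns (digests, size_in_bytes).
    """
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    size = 0
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        size += len(chunk)
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}, size


def hash_bytes(data: bytes):
    """Convenience wrapper for in-memory data (used by the checks below)."""
    return hash_stream(io.BytesIO(data))


def bytes_to_mb(size: int) -> float:
    # Assumption: the report's "MB" is decimal (10^6 bytes), rounded to 0.1.
    return round(size / 1_000_000, 1)


def compare_to_report(digests: dict, size: int, expected: dict = REPORT_HASHES) -> dict:
    """Compare computed digests with the published ones, per algorithm.

    Digests are compared case-insensitively; a sample is only accepted when
    every algorithm agrees, so a single transposed hex digit in any one of
    the published values is surfaced rather than hidden.
    """
    per_hash = {
        name: digests.get(name, "").lower() == value.lower()
        for name, value in expected.items()
    }
    return {
        "all_match": all(per_hash.values()),
        "per_hash": per_hash,
        "size_bytes": size,
        "size_mb": bytes_to_mb(size),
        "size_matches_report": bytes_to_mb(size) == REPORT_SIZE_MB,
    }


def verify_file(path: str) -> dict:
    """Hash a file on disk and compare it with the report's indicators."""
    with open(path, "rb") as f:
        digests, size = hash_stream(f)
    return compare_to_report(digests, size)


if __name__ == "__main__":
    import sys

    result = verify_file(sys.argv[1])
    for name, ok in result["per_hash"].items():
        print(f"{name:7s} {'match' if ok else 'MISMATCH'}")
    print(f"size    {result['size_bytes']} bytes ({result['size_mb']} MB, "
          f"report says {REPORT_SIZE_MB} MB)")
    sys.exit(0 if result["all_match"] else 1)
```

Run it as `python verify_sample.py <path>`; a non-zero exit means at least one digest differs from the report, which usually indicates a repacked or partially downloaded copy rather than the sample analysed here.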

Targets

    • Target

      Chase_Bank_Statement0143121402341.exe

    • Size

      37.4MB

    • MD5

      979701a4ed42815f310887daa902651a

    • SHA1

      f8ea2c518a17f3d2756876c4c592617e355b9b0d

    • SHA256

      edca5b156737a2927e74d0475e834240d7a4f4189d6c6116518e4fe0d80527d6

    • SHA512

      52ec756f7486755cc8df7ca56002da0d91371cab0cc79178926eed334f449a393d84416f2a8b9e517c6b1a69dbc7c194c0b3772a50f0872e42b4526b69cbefa2

    • SSDEEP

      786432:i8eyWzlMKgLrnzcBtWTCzfeXGwGjaC39DIo3:iwrLrzityj3C39v

    Score
    8/10
    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence to avoid executing in certain regions.

    • Loads dropped DLL

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6
