f13ea7b381708a18feef49edc01ea053aa89337433fa7c61a1e37ee5aa27aed2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64107cff205009261bf04a4e64d7208a.bin.exe
Size

1.9MB
Sample

230528-ha9zxaed84
MD5

64107cff205009261bf04a4e64d7208a
SHA1

ba3b80ed0844cf1aa371764999e6a46265fe7c88
SHA256

f13ea7b381708a18feef49edc01ea053aa89337433fa7c61a1e37ee5aa27aed2
SHA512

361d665e3e3e632fafbd315cea14e88dfded8c4eea632ee9edd315ff7a722fa77112f7200a0eeec831fcfbc92075de13745ac71ba438265fe1c786a77cf922fc
SSDEEP

6144:/osOwg0scbOzrtW+IktAO9su3thpzt9p3vVjIaA:3Rg0s8+Yu3thpzpvdFA

Score

6^/10

spyware

Malware Config

Targets

- Target
  
  64107cff205009261bf04a4e64d7208a.bin.exe
- Size
  
  1.9MB
- MD5
  
  64107cff205009261bf04a4e64d7208a
- SHA1
  
  ba3b80ed0844cf1aa371764999e6a46265fe7c88
- SHA256
  
  f13ea7b381708a18feef49edc01ea053aa89337433fa7c61a1e37ee5aa27aed2
- SHA512
  
  361d665e3e3e632fafbd315cea14e88dfded8c4eea632ee9edd315ff7a722fa77112f7200a0eeec831fcfbc92075de13745ac71ba438265fe1c786a77cf922fc
- SSDEEP
  
  6144:/osOwg0scbOzrtW+IktAO9su3thpzt9p3vVjIaA:3Rg0s8+Yu3thpzpvdFA
Score

6^/10

spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2