Overview

overview

6

Static

static

3

6f48625904...31.exe

windows7-x64

6

6f48625904...31.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0aa67a0f5fe1e1f15b84f2f6c5728a59.bin

  • Size

    197KB

  • Sample

    230610-bc51eaef3v

  • MD5

    5fdb0bea3011e897d22a19631918dc14

  • SHA1

    9a2cf79e9163ed8b5c67e325b5bf773ae759d0b3

  • SHA256

    6f4f8dae19e6d0e254ba59ac9b46c0366570fbeaf08f8443fd4eb8bc590cf601

  • SHA512

    fec6517494034d27fc5bc2919c68ad4f41a342e695e5ac91c7d0a65d7c853976b227e62dd61a4a57181646d3cb0ff499fdf002256befeef2a8f6fc0db09d2c9f

  • SSDEEP

    6144:N2L0s9hJi9D2/oGYYGmuOmkXywukcBc/lyr/M:krTiMoGY9muqyLkcBc/lC/M

Score
6/10
spyware

Malware Config

Targets

    • Target

      6f4862590486f5484716a3b3006b57f91e87c45f1e65fe0d41f6e80086fcad31.exe

    • Size

      1.1MB

    • MD5

      0aa67a0f5fe1e1f15b84f2f6c5728a59

    • SHA1

      d6a5232b214ad81d4fb25770c2a0df1f45e0a8bc

    • SHA256

      6f4862590486f5484716a3b3006b57f91e87c45f1e65fe0d41f6e80086fcad31

    • SHA512

      afea01068c9472637a7483be8f59618b0b3e567cc8210d46754e99c6d8f6ec4b0a4772ad0e44681b10ae62cd6bd6a2be9d3f26603a718466c59749d078e5be4e

    • SSDEEP

      6144:pYtehy3WQ9l/PL2DBaomZDwAOzvrqogFrOL:/h0WQ91KH1rqFK

    Score
    6/10
    spyware

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks