Overview

overview

8

Static

static

1

winprofile

windows7-x64

5

winprofile

windows10-1703-x64

8

Resubmissions

23-06-2023 08:50

230623-krtelade92 5

10-06-2023 04:47

230610-fevdxaeh9z 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    26bc9287f34be69cef7beca9e91c4a4f1de6f5934d9bc643f8d8de7754bda294

  • Size

    412KB

  • Sample

    230610-fevdxaeh9z

  • MD5

    c28cc92a7c78b96bec58fa3e5398074a

  • SHA1

    e33c3bd5f56d4152627501f7b8d3db62f7636dcf

  • SHA256

    26bc9287f34be69cef7beca9e91c4a4f1de6f5934d9bc643f8d8de7754bda294

  • SHA512

    9b794d82cffb7ee7eafdc82ee955bf99eee2e09bbf9aa56adee16ee2aac399c0f5c8c5c1056b9dde7b90131c03ea4a77b0bff5cd278c3b39a297a7b08c4abf36

  • SSDEEP

    12288:ir0/cxQev8EC1QdxTq+Oii1VUf0aJvb/x:e0/Tevs1QdNNg/Uf0aJvDx

Score
8/10
spyware

Malware Config

Targets

    • Target

      26bc9287f34be69cef7beca9e91c4a4f1de6f5934d9bc643f8d8de7754bda294

    • Size

      412KB

    • MD5

      c28cc92a7c78b96bec58fa3e5398074a

    • SHA1

      e33c3bd5f56d4152627501f7b8d3db62f7636dcf

    • SHA256

      26bc9287f34be69cef7beca9e91c4a4f1de6f5934d9bc643f8d8de7754bda294

    • SHA512

      9b794d82cffb7ee7eafdc82ee955bf99eee2e09bbf9aa56adee16ee2aac399c0f5c8c5c1056b9dde7b90131c03ea4a77b0bff5cd278c3b39a297a7b08c4abf36

    • SSDEEP

      12288:ir0/cxQev8EC1QdxTq+Oii1VUf0aJvb/x:e0/Tevs1QdNNg/Uf0aJvDx

    Score
    8/10
    spyware

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks