General

  • Target

    2k23ballinhoop.exe

  • Size

    7.0MB

  • Sample

    230718-f91t6sgd93

  • MD5

    092b7f1a2b67de290da755f676763279

  • SHA1

    1d4e9780b0b5f4a74176bff38ee80815c9eceec1

  • SHA256

    1ccc641022b3e95b4eaa3339f8d980bf1b606ca8d4f529c98f8d7d2762515b85

  • SHA512

    886d68c26cae8471f1e9320f8f406cca555ba2ba7f06085797c4ef117a23a9450d251bada3551bceb9f3620bce0a41cb746fad971c2afe258e51f92e72287bb7

  • SSDEEP

    196608:mQ7iQsGbT/9bvLz3S1bA329OqtFM+ehUNiYrvV6/:4GbTlj3S1bO29OqtFHehUNlbc/

Score
8/10

Malware Config

Targets

    • Target

      2k23ballinhoop.exe

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks