Overview

overview

8

Static

static

3

24bd790bc9...61.exe

windows7-x64

8

24bd790bc9...61.exe

windows10-2004-x64

8

Resubmissions

10-08-2023 13:02

230810-p92wxach32 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    24bd790bc9427021121ec0e318db93369c2d893e40309f7083f178d3a5819161

  • Size

    419KB

  • Sample

    230810-p92wxach32

  • MD5

    d811a57bc0e8b86b449277f9ffb50cc9

  • SHA1

    cdab34eea2dfd5e96412e34c0b3eb090a9661377

  • SHA256

    24bd790bc9427021121ec0e318db93369c2d893e40309f7083f178d3a5819161

  • SHA512

    5b569f0cebdc006125ac37ee0e333a22a35189214b5c2ab05671e7c307936c1d121a9afd7c48ce5283435c755d82110ce70adffd4e20570c3d4f4680962a7dfa

  • SSDEEP

    12288:ZvtSEEuEE3EEMEEzEE5EEOEEmEEAEE2EE6EE3EERhXz+MbfR1nYm4BJ1B4ywtT5m:Zvtk

Score
8/10
spywarestealer

Malware Config

Targets

    • Target

      24bd790bc9427021121ec0e318db93369c2d893e40309f7083f178d3a5819161

    • Size

      419KB

    • MD5

      d811a57bc0e8b86b449277f9ffb50cc9

    • SHA1

      cdab34eea2dfd5e96412e34c0b3eb090a9661377

    • SHA256

      24bd790bc9427021121ec0e318db93369c2d893e40309f7083f178d3a5819161

    • SHA512

      5b569f0cebdc006125ac37ee0e333a22a35189214b5c2ab05671e7c307936c1d121a9afd7c48ce5283435c755d82110ce70adffd4e20570c3d4f4680962a7dfa

    • SSDEEP

      12288:ZvtSEEuEE3EEMEEzEE5EEOEEmEEAEE2EE6EE3EERhXz+MbfR1nYm4BJ1B4ywtT5m:Zvtk

    Score
    8/10
    spywarestealer

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Unsecured Credentials

2
T1552

Credentials In Files

2
T1552.001

Discovery

Lateral Movement

Collection

Data from Local System

2
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks