Overview
overview
10Static
static
101.exe
windows7-x64
31221.exe
windows7-x64
106b282d34fv2.exe
windows7-x64
1B000CEF.exe
windows7-x64
10Builder.exe
windows7-x64
1POVOFJYqCo...Iu.exe
windows7-x64
1Terracotta.exe
windows7-x64
1TerracottaGUI.exe
windows7-x64
1Zver.exe
windows7-x64
3a.exe
windows7-x64
10amdcontroller.exe
windows7-x64
10bg.exe
windows7-x64
1bin.exe
windows7-x64
10bin2.exe
windows7-x64
7ej.exe
windows7-x64
10fban4.exe
windows7-x64
7glash.exe
windows7-x64
1johngotovo (2).exe
windows7-x64
10johngotovo...al.exe
windows7-x64
10ktg.exe
windows7-x64
1otIXAOPqOV...LX.exe
windows7-x64
3scvsots.exe
windows7-x64
10setup.exe
windows7-x64
1shit.exe
windows7-x64
10ss.exe
windows7-x64
10stealedd517v2.exe
windows7-x64
1steel.exe
windows7-x64
1ted.exe
windows7-x64
1update_b.exe
windows7-x64
1update_z.exe
windows7-x64
1uyo.exe
windows7-x64
1v72d8z2.exe
windows7-x64
1Analysis
-
max time kernel
21s -
max time network
18s -
platform
windows7_x64 -
resource
win7-20230712-en -
resource tags
arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system -
submitted
13-08-2023 18:33
Behavioral task
behavioral1
Sample
1.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
1221.exe
Resource
win7-20230712-en
Behavioral task
behavioral3
Sample
6b282d34fv2.exe
Resource
win7-20230712-en
Behavioral task
behavioral4
Sample
B000CEF.exe
Resource
win7-20230712-en
Behavioral task
behavioral5
Sample
Builder.exe
Resource
win7-20230712-en
Behavioral task
behavioral6
Sample
POVOFJYqCoZfOoPkWOsSBcVYWIu.exe
Resource
win7-20230712-en
Behavioral task
behavioral7
Sample
Terracotta.exe
Resource
win7-20230712-en
Behavioral task
behavioral8
Sample
TerracottaGUI.exe
Resource
win7-20230712-en
Behavioral task
behavioral9
Sample
Zver.exe
Resource
win7-20230712-en
Behavioral task
behavioral10
Sample
a.exe
Resource
win7-20230712-en
Behavioral task
behavioral11
Sample
amdcontroller.exe
Resource
win7-20230712-en
Behavioral task
behavioral12
Sample
bg.exe
Resource
win7-20230712-en
Behavioral task
behavioral13
Sample
bin.exe
Resource
win7-20230712-en
Behavioral task
behavioral14
Sample
bin2.exe
Resource
win7-20230712-en
Behavioral task
behavioral15
Sample
ej.exe
Resource
win7-20230712-en
Behavioral task
behavioral16
Sample
fban4.exe
Resource
win7-20230712-en
Behavioral task
behavioral17
Sample
glash.exe
Resource
win7-20230712-en
Behavioral task
behavioral18
Sample
johngotovo (2).exe
Resource
win7-20230712-en
Behavioral task
behavioral19
Sample
johngotovo (2)_original_original.exe
Resource
win7-20230712-en
Behavioral task
behavioral20
Sample
ktg.exe
Resource
win7-20230712-en
Behavioral task
behavioral21
Sample
otIXAOPqOVgvIKePlwFQLX.exe
Resource
win7-20230712-en
Behavioral task
behavioral22
Sample
scvsots.exe
Resource
win7-20230712-en
Behavioral task
behavioral23
Sample
setup.exe
Resource
win7-20230712-en
Behavioral task
behavioral24
Sample
shit.exe
Resource
win7-20230712-en
Behavioral task
behavioral25
Sample
ss.exe
Resource
win7-20230712-en
Behavioral task
behavioral26
Sample
stealedd517v2.exe
Resource
win7-20230712-en
Behavioral task
behavioral27
Sample
steel.exe
Resource
win7-20230712-en
Behavioral task
behavioral28
Sample
ted.exe
Resource
win7-20230712-en
Behavioral task
behavioral29
Sample
update_b.exe
Resource
win7-20230712-en
Behavioral task
behavioral30
Sample
update_z.exe
Resource
win7-20230712-en
Behavioral task
behavioral31
Sample
uyo.exe
Resource
win7-20230712-en
Behavioral task
behavioral32
Sample
v72d8z2.exe
Resource
win7-20230712-en
General
-
Target
bin2.exe
-
Size
565KB
-
MD5
66a777ef1448979e315f5be959a20a67
-
SHA1
d1b4fb00df2f5d48498a6001007ebf5f91841394
-
SHA256
eec2437b0d9853f2416a800826692e9d74d052ba346465b0541a563c7adb8082
-
SHA512
9adc10f59f6527da9c4ef015827305e0490b3ff0d261ed0c0e029209c28e00f21321552292004e295857e1ac5a511130e9572b84c7a1f85034ef0dde9386f723
-
SSDEEP
12288:2JdJIY6hz+4ewbrOiroANc1nRDWVSpR8dIC/TSTA6YIild+2+XbivoqSlxVJb2:s/Ifz5eavrouynRDWkpOdIC/TSc6YtlV
Malware Config
Signatures
-
Reads data files stored by FTP clients 2 TTPs
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
Processes
Network
MITRE ATT&CK Matrix ATT&CK v13
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Roaming\pts2W6U4Q1Q9X\General\forms.txtFilesize
11B
MD5fbf2b0ea6fdc6fe3148bd600729d5fac
SHA12c0aad6ae361763eddc2668a9493f434d6a972bd
SHA256c794c993f1d9125029477df973401ae082c56b53f1d7e461258537aa7efc5797
SHA51229547388d261c54a031e97f0beeaf3bba67949a4a178ab5df39091d7e8e8a66415bc1f9dabd518eb7ceb7c01868b124575c7a16e41ed4e180a9df872847e57fb