1cc7feaee823df0807c49341b9f4f0e58a4c021e8bc974af7bf5eb02fe09731e | Triage

Sharing

General

Target

18bd6b80c064ecf021bff737c2f48ec4.exe
Size

690KB
Sample

230902-tj267sed45
MD5

18bd6b80c064ecf021bff737c2f48ec4
SHA1

7388f3d30f22b27243b6851f702189757cd29f06
SHA256

1cc7feaee823df0807c49341b9f4f0e58a4c021e8bc974af7bf5eb02fe09731e
SHA512

38dbc23989af37132a2f3bf462ed2c8591b3018fa96faf20a11d308e6bd820700ef456929ec338efd542ccf69d78ab36fbc2d76eeacfd09ac5cbc401e4d4d977
SSDEEP

12288:mA+lX8n+122WJVjgF/tCZqqe+OK+EkJrMo8CquJCLv2v30N1sb1:M/An0F0DhmJF8g30N1sZ

Score

6^/10

spyware

Malware Config

Targets

- Target
  
  18bd6b80c064ecf021bff737c2f48ec4.exe
- Size
  
  690KB
- MD5
  
  18bd6b80c064ecf021bff737c2f48ec4
- SHA1
  
  7388f3d30f22b27243b6851f702189757cd29f06
- SHA256
  
  1cc7feaee823df0807c49341b9f4f0e58a4c021e8bc974af7bf5eb02fe09731e
- SHA512
  
  38dbc23989af37132a2f3bf462ed2c8591b3018fa96faf20a11d308e6bd820700ef456929ec338efd542ccf69d78ab36fbc2d76eeacfd09ac5cbc401e4d4d977
- SSDEEP
  
  12288:mA+lX8n+122WJVjgF/tCZqqe+OK+EkJrMo8CquJCLv2v30N1sb1:M/An0F0DhmJF8g30N1sZ
Score

6^/10

spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2