daaa5f5d1b9f4a1967ef047387d739159eadf6e2950f1c7e11f9e1c5c39317e5 | Triage

Submit
Reports

Overview

overview

6

Static

static

3

cs2legit.zip

windows10-2004-x64

6

Sharing

General

Target

cs2legit.zip
Size

27.0MB
Sample

231002-jt7vbsgc7t
MD5

af6b9dbd331dc387e5cb5c2900e997d6
SHA1

6e0ff15a475424aae5c9a114ee9b3416462c4d92
SHA256

daaa5f5d1b9f4a1967ef047387d739159eadf6e2950f1c7e11f9e1c5c39317e5
SHA512

a55e839a850323a6223dedd137394460da45ce034f25c3e4bf447f15d43d6cd34e8adaabeae2bb1f4a098bff3e598759ed33e6b3f32849fe86be6f2dd9ce51ba
SSDEEP

786432:eC85JNQO/wdP3dvt9ypYXSae3K1A/emk5pOz:KQO/wdP5oOSd3+/5wz

Score

6^/10

spyware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

cs2legit.zip

Resource

win10v2004-20230915-en

windows10-2004-x64

14 signatures

120 seconds

Malware Config

Targets

- Target
  
  cs2legit.zip
- Size
  
  27.0MB
- MD5
  
  af6b9dbd331dc387e5cb5c2900e997d6
- SHA1
  
  6e0ff15a475424aae5c9a114ee9b3416462c4d92
- SHA256
  
  daaa5f5d1b9f4a1967ef047387d739159eadf6e2950f1c7e11f9e1c5c39317e5
- SHA512
  
  a55e839a850323a6223dedd137394460da45ce034f25c3e4bf447f15d43d6cd34e8adaabeae2bb1f4a098bff3e598759ed33e6b3f32849fe86be6f2dd9ce51ba
- SSDEEP
  
  786432:eC85JNQO/wdP3dvt9ypYXSae3K1A/emk5pOz:KQO/wdP5oOSd3+/5wz
Score

6^/10

spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy