aa22babc78a585a265046177f284a0182b471d91ed54ca0a380fe0d1a7d89e36 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa22babc78a585a265046177f284a0182b471d91ed54ca0a380fe0d1a7d89e36
Size

696KB
Sample

231009-fwjnqscg28
MD5

65a683f6e8bef549fad8a7ab0834958a
SHA1

3eb30fbe64d4f585a51017718e779d08b6b6ade9
SHA256

aa22babc78a585a265046177f284a0182b471d91ed54ca0a380fe0d1a7d89e36
SHA512

f169c2dd872af5a7322b05cc711b627149b0b39c542dd895c2e9d3e18b2cc469941142d1dd60661b85a3f7166cdd6c97927064e8535a205f25a06b8b3b0e33b1
SSDEEP

12288:13AcOof7mubwH8IKnC510zvYE3IrzaI8sd+yJOE9jz+1L7Gv0gt17UnS:13OofFEH8hnC51OYE3IrzaI8sIyJXpC2

Score

6^/10

spyware

Malware Config

Targets

- Target
  
  aa22babc78a585a265046177f284a0182b471d91ed54ca0a380fe0d1a7d89e36
- Size
  
  696KB
- MD5
  
  65a683f6e8bef549fad8a7ab0834958a
- SHA1
  
  3eb30fbe64d4f585a51017718e779d08b6b6ade9
- SHA256
  
  aa22babc78a585a265046177f284a0182b471d91ed54ca0a380fe0d1a7d89e36
- SHA512
  
  f169c2dd872af5a7322b05cc711b627149b0b39c542dd895c2e9d3e18b2cc469941142d1dd60661b85a3f7166cdd6c97927064e8535a205f25a06b8b3b0e33b1
- SSDEEP
  
  12288:13AcOof7mubwH8IKnC510zvYE3IrzaI8sd+yJOE9jz+1L7Gv0gt17UnS:13OofFEH8hnC51OYE3IrzaI8sIyJXpC2
Score

6^/10

spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1