General

  • Target

    Transfer Slip.exe

  • Size

    655KB

  • Sample

    231011-hswj8sgf2x

  • MD5

    ace875c365d7a5ce899658d3d89994ee

  • SHA1

    0eda8237f95c5360e0ce78c9a92115163dc3a0b4

  • SHA256

    0f25306693110deb7fd3d0f27a8bc3c2160247b3e05620d8a09550226cd6c09f

  • SHA512

    92cff086f1d6d13b98eba231a319ad3848a88a84c40494d2d9b51c78896836667965dce081cd02d0e87b6575f08ef637938818d3733d43434cb89c1aca00a545

  • SSDEEP

    12288:xVj3hLQvfdxOo7gpXtrXsF725JQn7KtI5N6+kBzvuHoSQFbZyWHCDYKJOP5O7HMV:xsMc79ozvuHpQyWHlk4UHMvHKs

Malware Config

Targets

    • Target

      Transfer Slip.exe


    • Reads user/profile data of local email clients

      Email clients keep profile data (account settings, saved credentials, mail stores) on disk, and infostealers commonly harvest it.

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data, which can include saved credentials, cookies and autofill data.

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites another thread's register state, including its instruction pointer, and is a common step in process injection (for example process hollowing), where the main thread of a process created suspended is pointed at injected code before it is resumed.
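The five behaviours above are the kind of sandbox signatures a practitioner will want to reproduce in their own triage tooling. The block below is an added example, not code from the original report or from the sandbox vendor: a small rule engine in Python that scores a constructed event trace (file, registry, DNS and API events) against those signatures. Every path, registry key, hostname and API sequence in it is an assumption drawn from general knowledge of where clients keep profile data and what process hollowing looks like, not something the report says this sample did; the two traces are constructed to exercise the rules, one hostile and one benign.

```python
import re

# Rule tables. The locations below are assumptions from general knowledge of
# where clients keep profile data and which services answer "what is my IP";
# the report does not say which of them this sample touched.
EMAIL_CLIENT_PATHS = [
    re.compile(r"\\Thunderbird\\Profiles\\", re.I),
    re.compile(r"\\Microsoft\\Outlook\\.*\.(pst|ost)$", re.I),
]
OUTLOOK_PROFILE_KEYS = [
    re.compile(r"\\Office\\\d+\.\d+\\Outlook\\Profiles", re.I),
    re.compile(r"\\Windows Messaging Subsystem\\Profiles", re.I),
]
BROWSER_DATA_PATHS = [
    re.compile(r"\\User Data\\[^\\]+\\(Login Data|Cookies|Web Data)$", re.I),   # Chromium
    re.compile(r"\\Firefox\\Profiles\\[^\\]+\\(logins\.json|key4\.db|cookies\.sqlite)$", re.I),
]
IP_LOOKUP_HOSTS = {"api.ipify.org", "ip-api.com", "checkip.dyndns.org",
                   "icanhazip.com", "ipinfo.io"}
CREATE_SUSPENDED = 0x4  # dwCreationFlags bit for CreateProcess*


def run_rules(events):
    """Return the sorted list of signature names triggered by an event trace.

    Each event is a dict: {"pid": int, "type": "file"|"reg"|"dns"|"api",
    "value": str, "args": dict}. For "api" events, value is the API name.
    """
    hits = set()
    # State for the SetThreadContext rule. A bare SetThreadContext call is not
    # interesting on its own (debuggers and runtimes use it); the hollowing
    # pattern is CreateProcess(CREATE_SUSPENDED) -> WriteProcessMemory into that
    # child -> SetThreadContext on it -> ResumeThread, all from one source pid.
    suspended = {}   # source pid -> {child pids created suspended}
    written = set()  # (source, child) pairs that received WriteProcessMemory
    ctx_set = set()  # (source, child) pairs whose thread context was rewritten
    for ev in events:
        pid, kind, val, args = ev["pid"], ev["type"], ev["value"], ev.get("args", {})
        if kind == "file":
            if any(p.search(val) for p in EMAIL_CLIENT_PATHS):
                hits.add("Reads user/profile data of local email clients")
            if any(p.search(val) for p in BROWSER_DATA_PATHS):
                hits.add("Reads user/profile data of web browsers")
        elif kind == "reg" and any(p.search(val) for p in OUTLOOK_PROFILE_KEYS):
            hits.add("Accesses Microsoft Outlook profiles")
        elif kind == "dns" and val.lower().rstrip(".") in IP_LOOKUP_HOSTS:
            hits.add("Looks up external IP address via web service")
        elif kind == "api":
            target = args.get("target_pid")
            if val.startswith("CreateProcess") and args.get("dwCreationFlags", 0) & CREATE_SUSPENDED:
                suspended.setdefault(pid, set()).add(args["child_pid"])
            elif val == "WriteProcessMemory" and target in suspended.get(pid, ()):
                written.add((pid, target))
            elif val == "SetThreadContext" and (pid, target) in written:
                ctx_set.add((pid, target))
            elif val == "ResumeThread" and (pid, target) in ctx_set:
                hits.add("Suspicious use of SetThreadContext")
    return sorted(hits)


# Constructed trace standing in for sandbox output. It is made up to exercise
# every rule and is not the real sample's behaviour.
STEALER_TRACE = [
    {"pid": 1000, "type": "reg",  "value": r"HKCU\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook"},
    {"pid": 1000, "type": "file", "value": r"C:\Users\u\AppData\Roaming\Thunderbird\Profiles\a1b2.default\logins.json"},
    {"pid": 1000, "type": "file", "value": r"C:\Users\u\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"pid": 1000, "type": "file", "value": r"C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\c3d4.default\key4.db"},
    {"pid": 1000, "type": "dns",  "value": "api.ipify.org"},
    {"pid": 1000, "type": "api",  "value": "CreateProcessW",
     "args": {"dwCreationFlags": CREATE_SUSPENDED, "child_pid": 2000}},
    {"pid": 1000, "type": "api",  "value": "WriteProcessMemory", "args": {"target_pid": 2000}},
    {"pid": 1000, "type": "api",  "value": "SetThreadContext",   "args": {"target_pid": 2000}},
    {"pid": 1000, "type": "api",  "value": "ResumeThread",       "args": {"target_pid": 2000}},
]

# Constructed benign trace: a debugger-style SetThreadContext on a process the
# caller did not create suspended or write into, a non-lookup DNS query and a
# browser file that holds no credentials. Should trigger nothing.
BENIGN_TRACE = [
    {"pid": 3000, "type": "api",  "value": "SetThreadContext", "args": {"target_pid": 3001}},
    {"pid": 3000, "type": "api",  "value": "ResumeThread",     "args": {"target_pid": 3001}},
    {"pid": 3000, "type": "dns",  "value": "www.example.com"},
    {"pid": 3000, "type": "file", "value": r"C:\Users\u\AppData\Local\Google\Chrome\User Data\Default\Preferences"},
]

if __name__ == "__main__":
    for name, trace in (("stealer", STEALER_TRACE), ("benign", BENIGN_TRACE)):
        print(name, run_rules(trace))
```

The SetThreadContext rule is deliberately stateful: it only fires when the same source process created the target suspended, wrote into it and then rewrote its thread context before resuming it. Matching on the API name alone would flag debuggers and managed runtimes, which is why the report labels the behaviour "suspicious" rather than malicious.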

MITRE ATT&CK Enterprise v15

Tasks