Overview

overview

10

Static

static

10

Artic Exectuor V2.exe

windows7-x64

7

Artic Exectuor V2.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Artic Exectuor V2.exe

  • Size

    14.4MB

  • Sample

    231019-xfrsvaca35

  • MD5

    36fbebafd42a69db1f42217c2a7a61d1

  • SHA1

    22a635c079339347fdc0cc26c2a9095e421a7bd4

  • SHA256

    7410552899317b9fd9c0654e6ca7557bada2c5464dece5e5a7968cd363365f75

  • SHA512

    9060a99af0d7ed1397fb05e4417ae3ddf3b49e3aa599a3fd60981c62d017eed7351458b9fa1615cd9daec3acf0b9298e1237ecb56b1c7cd4b59d5a404e99f0f6

  • SSDEEP

    393216:Bu7L/sQdkndQuslSq99oWOv+9fgf87eeqG:BCL0QdkndQuSDorvSYfmbq

Score
10/10
crealstealerpyinstallerspywarestealer

Malware Config

Targets

    • Target

      Artic Exectuor V2.exe

    • Size

      14.4MB

    • MD5

      36fbebafd42a69db1f42217c2a7a61d1

    • SHA1

      22a635c079339347fdc0cc26c2a9095e421a7bd4

    • SHA256

      7410552899317b9fd9c0654e6ca7557bada2c5464dece5e5a7968cd363365f75

    • SHA512

      9060a99af0d7ed1397fb05e4417ae3ddf3b49e3aa599a3fd60981c62d017eed7351458b9fa1615cd9daec3acf0b9298e1237ecb56b1c7cd4b59d5a404e99f0f6

    • SSDEEP

      393216:Bu7L/sQdkndQuslSq99oWOv+9fgf87eeqG:BCL0QdkndQuSDorvSYfmbq

    Score
    7/10
    spywarestealer

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks