e748eb9edda2ec9503bd01137e398e447294a6796d9c52618d07c03601822b29 | Triage

Sharing

General

Target

NEAS.e748eb9edda2ec9503bd01137e398e447294a6796d9c52618d07c03601822b29exe_JC.exe
Size

7.4MB
Sample

231023-xpcqaadb2v
MD5

a1fdf74f23be947253a251aa93c1fe04
SHA1

10b563c8cc16ded3c2dde24692eb0e0b3ca2bc3d
SHA256

e748eb9edda2ec9503bd01137e398e447294a6796d9c52618d07c03601822b29
SHA512

a238f17ba1aba08d641549b0f19d06386c666e1953f87d712332ebe4d66193b66ccd4a0876dd82844d3f9f3f26fa706f4c3642a09e752d0f4bf0d6ae5bea39ea
SSDEEP

98304:duHAksPOiudThBPNp1NAZjNojMCPeT8ogafpLUhPDFHy2Zr11jr28ny/4hqZgNdF:du/r1bJ

Score

6^/10

spyware

Malware Config

Targets

- Target
  
  NEAS.e748eb9edda2ec9503bd01137e398e447294a6796d9c52618d07c03601822b29exe_JC.exe
- Size
  
  7.4MB
- MD5
  
  a1fdf74f23be947253a251aa93c1fe04
- SHA1
  
  10b563c8cc16ded3c2dde24692eb0e0b3ca2bc3d
- SHA256
  
  e748eb9edda2ec9503bd01137e398e447294a6796d9c52618d07c03601822b29
- SHA512
  
  a238f17ba1aba08d641549b0f19d06386c666e1953f87d712332ebe4d66193b66ccd4a0876dd82844d3f9f3f26fa706f4c3642a09e752d0f4bf0d6ae5bea39ea
- SSDEEP
  
  98304:duHAksPOiudThBPNp1NAZjNojMCPeT8ogafpLUhPDFHy2Zr11jr28ny/4hqZgNdF:du/r1bJ
Score

6^/10

spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2