ffa46d05a9fec492b5143056913bf160730555b2450d1233ef59028c1ecc2e9d | Triage

Sharing

General

Target

13Vh687.exe
Size

631KB
Sample

231113-lpxvnscd45
MD5

bee83a24e0cead2469a7dfce5df9b708
SHA1

acc67aa1243abef2832f3f3d80a63e2124d2fa5d
SHA256

ffa46d05a9fec492b5143056913bf160730555b2450d1233ef59028c1ecc2e9d
SHA512

6b98b065fb13030f43a1ccb221fa4b1a0ff3c5bf4db5179485f4181e716cce8a739cebe05c4c4fe976ee173b5564d2083c315ae207427b46af051a990c53540e
SSDEEP

12288:E/RENoJ5jcOl0ekRQbFUXdy5pdijBOneGzbDB33cKxGmumm7Ud3:EJGY0ekRQm2poIeGzB33cwBu3U

Score

6^/10

spyware

Malware Config

Targets

- Target
  
  13Vh687.exe
- Size
  
  631KB
- MD5
  
  bee83a24e0cead2469a7dfce5df9b708
- SHA1
  
  acc67aa1243abef2832f3f3d80a63e2124d2fa5d
- SHA256
  
  ffa46d05a9fec492b5143056913bf160730555b2450d1233ef59028c1ecc2e9d
- SHA512
  
  6b98b065fb13030f43a1ccb221fa4b1a0ff3c5bf4db5179485f4181e716cce8a739cebe05c4c4fe976ee173b5564d2083c315ae207427b46af051a990c53540e
- SSDEEP
  
  12288:E/RENoJ5jcOl0ekRQbFUXdy5pdijBOneGzbDB33cKxGmumm7Ud3:EJGY0ekRQm2poIeGzB33cwBu3U
Score

6^/10

spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2