8f04d4b2f2e38a4e7a42c17b91fb474718e7b8aa1eedeadec2833d1908028a24 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.866a389a033d42601788161035335140.exe
Size

631KB
Sample

231117-gt11nsga29
MD5

866a389a033d42601788161035335140
SHA1

6162dd45f7532320045471b9195a0f1c7d2bb4f1
SHA256

8f04d4b2f2e38a4e7a42c17b91fb474718e7b8aa1eedeadec2833d1908028a24
SHA512

5866166fc665cdb19e7080f92888a24dbca76f5dd2c5e0f6674b417ea64657ff4fb3bbc0668dfbb197549d2b1fddb48fb24c66a3bc7f2519b97297c03a4fa0cf
SSDEEP

12288:ubMah/uQD52r36q8WUJ17VXQe9rHjFIvmoZXw8Yf+Ud3:bacy586CU1ZAe9XFI+wXw8e+U

Score

6^/10

spyware

Malware Config

Targets

- Target
  
  NEAS.866a389a033d42601788161035335140.exe
- Size
  
  631KB
- MD5
  
  866a389a033d42601788161035335140
- SHA1
  
  6162dd45f7532320045471b9195a0f1c7d2bb4f1
- SHA256
  
  8f04d4b2f2e38a4e7a42c17b91fb474718e7b8aa1eedeadec2833d1908028a24
- SHA512
  
  5866166fc665cdb19e7080f92888a24dbca76f5dd2c5e0f6674b417ea64657ff4fb3bbc0668dfbb197549d2b1fddb48fb24c66a3bc7f2519b97297c03a4fa0cf
- SSDEEP
  
  12288:ubMah/uQD52r36q8WUJ17VXQe9rHjFIvmoZXw8Yf+Ud3:bacy586CU1ZAe9XFI+wXw8e+U
Score

6^/10

spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2