ac619e70e1f674bb4cb371b25ecaf913cdb7acc9f4130a1ff301ffa84ad86f76 | Triage

Sharing

General

Target

Soft.exe
Size

20.1MB
Sample

231117-r4qb2aab55
MD5

345e6d97979785eeb72f8abb68f702c8
SHA1

f83f1e11185e75099670dd2eeb640348a8d9fbeb
SHA256

ac619e70e1f674bb4cb371b25ecaf913cdb7acc9f4130a1ff301ffa84ad86f76
SHA512

5d275f9064c0c912661a1212a7abfb512a14ec56ab872a268b09c3a5a51f6cdb1d4358f4d6d91c03ff75ae6cd9c2c1e2ee2bcb3df45b25a0f568b83cc8d8f48e
SSDEEP

24576:WzarymSD/6+sZsF9ywIHhTfH6Rvg9I5U:3SD/6+sZskTyFg9Iy

Score

6^/10

spyware

Malware Config

Targets

- Target
  
  Soft.exe
- Size
  
  20.1MB
- MD5
  
  345e6d97979785eeb72f8abb68f702c8
- SHA1
  
  f83f1e11185e75099670dd2eeb640348a8d9fbeb
- SHA256
  
  ac619e70e1f674bb4cb371b25ecaf913cdb7acc9f4130a1ff301ffa84ad86f76
- SHA512
  
  5d275f9064c0c912661a1212a7abfb512a14ec56ab872a268b09c3a5a51f6cdb1d4358f4d6d91c03ff75ae6cd9c2c1e2ee2bcb3df45b25a0f568b83cc8d8f48e
- SSDEEP
  
  24576:WzarymSD/6+sZsF9ywIHhTfH6Rvg9I5U:3SD/6+sZskTyFg9Iy
Score

6^/10

spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2