db76e48e13420cdf37910e1a89c2e346ee73d6d3999cbccfd552d7e22eb9123c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

607e6e48bb7398dd40783cdf86ee4670.exe
Size

1.1MB
Sample

231122-qbhaaacf35
MD5

607e6e48bb7398dd40783cdf86ee4670
SHA1

ab8c150817f8d04e59e5b8de83c934d1ef97f83f
SHA256

db76e48e13420cdf37910e1a89c2e346ee73d6d3999cbccfd552d7e22eb9123c
SHA512

c8112e75955bcdfe0097a9f7cd09ac4bbb7cc948deb8ab15bdae4e1cd3c29af8509190dcb08f27373f5fa51d6fb22126bbe3e1458294da79b7ebfc5780232521
SSDEEP

12288:xw/H9W7SDR7uVA0P0YLdpTIEXQMRp6UiZy+08Be8Yj6D5ogFCVco0Xa:y/ESDm7YEvuXZZOVj0ogUV4X

Score

6^/10

spyware

Malware Config

Targets

- Target
  
  607e6e48bb7398dd40783cdf86ee4670.exe
- Size
  
  1.1MB
- MD5
  
  607e6e48bb7398dd40783cdf86ee4670
- SHA1
  
  ab8c150817f8d04e59e5b8de83c934d1ef97f83f
- SHA256
  
  db76e48e13420cdf37910e1a89c2e346ee73d6d3999cbccfd552d7e22eb9123c
- SHA512
  
  c8112e75955bcdfe0097a9f7cd09ac4bbb7cc948deb8ab15bdae4e1cd3c29af8509190dcb08f27373f5fa51d6fb22126bbe3e1458294da79b7ebfc5780232521
- SSDEEP
  
  12288:xw/H9W7SDR7uVA0P0YLdpTIEXQMRp6UiZy+08Be8Yj6D5ogFCVco0Xa:y/ESDm7YEvuXZZOVj0ogUV4X
Score

6^/10

spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2