General

  • Target: Lethal.exe
  • Size: 10.2MB
  • Sample: 231221-3mrz3sdfa2
  • MD5: 9c463ff25b235544c8f66f1bdceb3657
  • SHA1: 5302794610a45a59175cf2589373085c77e45974
  • SHA256: ce396d7bfffc21f2f3054214d8ea9ccd3aa9ed7ed8b26644e7faa33c6bc82afa
  • SHA512: 598e0675308c5de9bdd9b5947f4da9b79d916bae648b5b1ee9fc90b3ff1fd71023f0c2d835913d987630f02242b37f816f1603490f2b5b05452ed93743aaf05e
  • SSDEEP: 196608:yyXiIE7SRpoIEDn61W903eV4QR7MToEuGxgh858F0ibfU36e7mgABObk91tllWT:/iIE7YoI2nwW+eGQR7MTozGxu8C0ibfK

Malware Config

Targets

    Score: 7/10
    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks