General

  • Target

    VoidExecutorV4.exe

  • Size

    13.2MB

  • Sample

    240204-txyqyaeca5

  • MD5

    9ead61bc7a84090c2a52fcda742fae94

  • SHA1

    f2388ada38b26cc3bd9e23e5b33d0007cdf9e244

  • SHA256

    7f19a2d8aee461b7e2f9322c4c2a3083f873da45390423bf09a081e7dc3d028e

  • SHA512

    6bfbc0d1b51b0377c54b9fcfffa20a66fc7bd4b3f4d56a7ad695e111c45f62af2f0a09faa927edd99508a2213ffa0987df78b59999d03bcca5e2d05035088a31

  • SSDEEP

    393216:K9EkMD2wW+eGQRIMTozGxu8C0ibfz6e57c1bmXiWCNta:4UD2wW+e5R5oztZ026e5aFVNta

Malware Config

Targets

    • Target

      VoidExecutorV4.exe

    • Score

      7/10

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks