General

  • Target

    Painel-XisTick.exe

  • Size

    14.4MB

  • Sample

    240214-dsy8xafe5t

  • MD5

    21efbfa3a4ae3af15b173accbc2e2095

  • SHA1

    06a585f3cae3c821bbbadbe5788ccd053718eae4

  • SHA256

    ba850a2454628c2b978e247aa5f439ecfb1a42fb5495f7e1eb2a7b655394416e

  • SHA512

    eef790373e5cab896c99d950a5c85a097a74ca07038e2b9c4a828f7af2bbdf2b150cfcbf8da62c2b2e3e552a57dc02f923548c4878c695e605b6dc2fc14efc7f

  • SSDEEP

    196608:+9e0sKYu/PaQ+DuvfcdQmRJ8dA6lSuqaycBIGpEqo6hTOv+QKfwJRBfjqRW/lKzx:QkQQdQuslSq9RoWOv+9fg/FK2kFjf

Malware Config

Targets

    • Target

      Painel-XisTick.exe

    • Score

      7/10

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks