General

  • Target

    multi-toolv3.5.exe

  • Size

    14.3MB

  • Sample

    240512-bkxn1ahd5y

  • MD5

    514df4dc9408b1fce4a439453adaf002

  • SHA1

    1d20c252362ea35549efc1ce22769f81f7acf796

  • SHA256

    a7e43b1acee784167ebbc9d0595e01a1fbf0fe58922d94d386bb87792ef562eb

  • SHA512

    8370695a8155428c02d1f95337a36d78aacf444e2430b1bfe64fd21fa0af1da622f2a2056d06c0193220eab87e2a4333e5bc0e93f2609c063dab9dbd271fc7b2

  • SSDEEP

    196608:un0sKYu/PaQ+Duvf7ndQmRJ8dA6lSuqaycBIGpEqo6hTOv+QKfwJb7vDV7qh/lvC:8QPndQuslSq9RoWOv+9fgb/Ev2X3
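Added example, not part of the report: a small Python script that hashes a local file with the four algorithms listed above and compares the result with the report's values, so an analyst can confirm whether a file on disk is this sample. The hash constants come from the report; everything else (function names, the chunked reader, the match verdicts) is the editor's own. SSDEEP is left out because it is not in the standard library (the ppdeep or ssdeep packages provide it).

```python
import hashlib

# Hashes for multi-toolv3.5.exe exactly as listed in the report above.
REPORT_IOCS = {
    "md5":    "514df4dc9408b1fce4a439453adaf002",
    "sha1":   "1d20c252362ea35549efc1ce22769f81f7acf796",
    "sha256": "a7e43b1acee784167ebbc9d0595e01a1fbf0fe58922d94d386bb87792ef562eb",
    "sha512": "8370695a8155428c02d1f95337a36d78aacf444e2430b1bfe64fd21fa0af1da622f2a2056d06c0193220eab87e2a4333e5bc0e93f2609c063dab9dbd271fc7b2",
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_bytes(data: bytes) -> dict:
    """Compute all four digests of an in-memory buffer."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    for h in hashers.values():
        h.update(data)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def digest_file(path, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four hashers in one pass, so a 14 MB (or
    much larger) sample is never read into memory at once."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def match_iocs(digests: dict, iocs: dict = REPORT_IOCS) -> dict:
    """Compare computed digests with the report's values.

    'match'    : every algorithm agrees, the file is the reported sample.
    'partial'  : some agree and some do not. That is either a transcription
                 error in the IOC list or a deliberately colliding file;
                 do not report it as a hit without looking further.
    'no-match' : nothing agrees.
    """
    matched = sorted(
        alg for alg in ALGORITHMS
        if digests.get(alg) == iocs.get(alg, "").lower()
    )
    if len(matched) == len(ALGORITHMS):
        verdict = "match"
    elif matched:
        verdict = "partial"
    else:
        verdict = "no-match"
    return {"verdict": verdict, "matched": matched}


if __name__ == "__main__":
    import sys
    # Usage: python check_sample.py <file> [<file> ...]
    for arg in sys.argv[1:]:
        print(arg, match_iocs(digest_file(arg)))
```

Run it against any file suspected of being this sample; only a full "match" verdict should be treated as confirmation.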

Targets

    • Target

      multi-toolv3.5.exe

    Score: 7/10

    • Drops startup file

      Writes a file into a Startup folder so that it is executed again at the next logon.

    • Loads dropped DLL

      Loads a DLL that the sample itself wrote to disk during the run, rather than a library already present on the system.

    • Reads user/profile data of web browsers

      Infostealers routinely read browser profile databases (saved logins, cookies, autofill data), which can contain credentials and live session tokens.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      Opens wallet files or wallet application data directories, which can hold keys or seed material.

    • Looks up external IP address via web service

      Queries a legitimate public IP lookup service to learn the infected system's external address.
MITRE ATT&CK Matrix (ATT&CK v13)

Tactic              ID          Technique                       Count
Credential Access   T1552       Unsecured Credentials           2
Credential Access   T1552.001   Credentials In Files            2
Discovery           T1057       Process Discovery               1
Discovery           T1012       Query Registry                  1
Discovery           T1082       System Information Discovery    1
Collection          T1005       Data from Local System          2