fd6ef0575050122cc85d63d4400cbbd88d8ec1911df0a2575738baf62c175ad5

Sharing

Copy URL Twitter E-mail

General

Target

DWMBG.7zmal
Size

20.7MB
Sample

240512-l5mdwaag2t
MD5

5b0982e5a931eeabea7e58a61a414347
SHA1

e57a935632334ef3bb828b27c10ff7b03757d65e
SHA256

fd6ef0575050122cc85d63d4400cbbd88d8ec1911df0a2575738baf62c175ad5
SHA512

0f7b0d022620c98722b5b167af527903d4508f06d72094d0eac2ef1ac9fb93573f2eacf6df564efd76bfc0f689481c16f6be586eff7df592026f4632e42fce42
SSDEEP

393216:3jKJjbFierOTocvjIcOMpkmxDbOSaduX4ultjA23x+wIEpqYV4FfC08SrqO0:yjJ0TvjFOMpZm3Pu51ISMf9qd

Score

7^/10

Malware Config

Targets

- Target
  
  DWMBG.7zmal
- Size
  
  20.7MB
- MD5
  
  5b0982e5a931eeabea7e58a61a414347
- SHA1
  
  e57a935632334ef3bb828b27c10ff7b03757d65e
- SHA256
  
  fd6ef0575050122cc85d63d4400cbbd88d8ec1911df0a2575738baf62c175ad5
- SHA512
  
  0f7b0d022620c98722b5b167af527903d4508f06d72094d0eac2ef1ac9fb93573f2eacf6df564efd76bfc0f689481c16f6be586eff7df592026f4632e42fce42
- SSDEEP
  
  393216:3jKJjbFierOTocvjIcOMpkmxDbOSaduX4ultjA23x+wIEpqYV4FfC08SrqO0:yjJ0TvjFOMpZm3Pu51ISMf9qd
Score

3^/10
behavioral1
- Target
  
  ButtonGlowExt.res
- Size
  
  159KB
- MD5
  
  d068fa0c7c14eb342ff1f16f9a9ff3c3
- SHA1
  
  2bddbb8e103691e058c391e95495e31e376a8d25
- SHA256
  
  9725e993c5145511352d43e2ddde49e29aed3216d8b8ef5f54cc198b30f6dfc7
- SHA512
  
  8b760bbf4260f899275a2ce3aadad88ace7797b85db35ee9fa896ab372cf336396ebc64303b0706eb11e9c6e4ab42d7b734a40fa4a5a3e2761b8acd8d007613a
- SSDEEP
  
  3072:hZf0Yz042e6OdFL1qe22jUL5ouChqvZWhUr/FawZfe8y5Y:Tf07MrL132egFCk8hAswBe8y5Y
Score

3^/10
behavioral2
- Target
  
  DWMBlurGlass.exe
- Size
  
  19.2MB
- MD5
  
  45ad3a7da60fa5c82a909a4193f5fde0
- SHA1
  
  46fd6a09632ad7b6b0eb13103a647b212c9f9370
- SHA256
  
  789deac2d62fc97e99dfcc06de2f7acd65c31c1cc263c9809ac82abfab114642
- SHA512
  
  adf5bac6e330798c3c6ed113ca75fd33b677661a0421369c61f92664f8f9bd6a3610021b1fb25a70562477c298ebbf5aa38812ef217a658aefd52a2d9c002c31
- SSDEEP
  
  393216:REkZQtstvdqx5X9dM/ISWdQJluwF3MnG3oTl5nJ0GqerW4pRK5LH:RhQtstVMT6ISWdQz3MGY3e4Vg
Score

7^/10

spyware stealer
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral3
- Target
  
  cstealer.pyc
- Size
  
  75KB
- MD5
  
  f045b8cacbe601a096abc4e925e52ed1
- SHA1
  
  412c0ddcdc6fe473a68b7b6f0948768f6ae252b7
- SHA256
  
  61df7af3bf6ad0378ccbe6912a5b627e1269f4967a35d4b197bc181e404b5cf4
- SHA512
  
  35914a688590d39abe030881ef7d1f5507e3639ac6de343e7e2249699606535d4dc9fe8e59a118349c464aede3586dae965fd79e9d016040d0f9de74acaf546d
- SSDEEP
  
  1536:DvI0OubY3m4uDsJlj+k2Is8rRaDBDLWmBGN4wivRhe5X:Dv8hge2Is8c1WrN4wivRKX
Score

3^/10
behavioral4
- Target
  
  DWMBlurGlassExt.dll
- Size
  
  539KB
- MD5
  
  3fc9ecd74b100c29d2cbfd11ea932e6b
- SHA1
  
  ae251e85ae0dd6867bab68b596310e164950f8f3
- SHA256
  
  dbe93ba3b03c449ea3686c49774707e9fcc0e87f4fc51e0fa9bf257761b36bdb
- SHA512
  
  e7912ce782a9f932adc6d62de9bbdca68a5ed915e988aebd455166342bcae7eadaa77ec51e985af634e077d347014bb78070923fe185cbaef8003b98c4f60f72
- SSDEEP
  
  6144:WbvNGAc2BmLBZ4BO9g0ypN4PKOBmGAGTgyph0lhSMXlBXBWn5ttf7dkWJOPWFVo:WhwX9g0c+dph0lhSMXlitzNOu
Score

1^/10
behavioral5
- Target
  
  data/AeroPeek.png
- Size
  
  142KB
- MD5
  
  c5193f32f17ce6b13aa4ec1c1eb53e58
- SHA1
  
  41ff6b576e35903c79d776ec87350cb9a768faba
- SHA256
  
  e8d37b88ef974f8c0ad0484908d573753ac12db69c6991b17da34f19311c7b20
- SHA512
  
  1a3e91940a400fd41bf783dbf3545a2eba67eefe08664f08202b3772f726e2978f19e24a0a4bd5c6cf2a02e3f48fcbc0053dca2e99112dc75bb533ca8bda2716
- SSDEEP
  
  1536:SBB3joMaqAWm1Nc1dssrbKumOYZYcTKpAcbggjdGLvsPIzpRpmjIrjtbl4RzPBia:SSqS7AD2YIgJggjd4swzvpmctR4NZCBM
Score

3^/10
behavioral6
- Target
  
  data/btnglow_close.png
- Size
  
  2KB
- MD5
  
  37f7405232baa2dad24d640436bf2ad7
- SHA1
  
  aa9e74e31c4d467a5a71ac603fee37b14e557aa1
- SHA256
  
  0e65281e1e1bd40c89d99a847b85cd7795026bebd59cc141bdbf01defa4abd46
- SHA512
  
  d1ded1ded17a59898839e9d418f1cf34af109df5ec7ddd8f79b3f873dc66015aade6551ca8f2cb6d05762861139a15d5c3e459ddca1d251b599c0aba270ad76e
Score

3^/10
behavioral7
- Target
  
  data/btnglow_other.png
- Size
  
  1KB
- MD5
  
  65d4ec586a91d0cdbee17a887fdbae76
- SHA1
  
  9d80ef11ee696a3e93df5b3ad1e1e3cd0c5234db
- SHA256
  
  0746d063c0b02c37d4fb689dd52d2be3ae9770b7af6070ea07eb8be43791248d
- SHA512
  
  8978d14f42276ae49d99cf2dce8c19d3f95b1643d004e2b72bf32c5ced39b73472807cde882749330f81d0066d4935dcda2420adafb62ed7948b6b9875529e28
Score

3^/10
behavioral8
- Target
  
  data/config.ini
- Size
  
  803B
- MD5
  
  703710a815d5ad7c082b6780e5bc19b4
- SHA1
  
  e800ee5c5a5af81d8053130bd4c85f8d99f8c60f
- SHA256
  
  d71898539a2fc9768286e8ed0a53f545c792f4aa6e21056b73f93d54e192a846
- SHA512
  
  d04e965442bd0cf56b3ab2e54101eb85ed28edc7459be012eb2eb3f2fa1e4d72df59b25db20d316aae92cae1145dfb33e78962dfa486866c623e29cab36abc9e
Score

3^/10
behavioral9
- Target
  
  data/defaultres.dmres
- Size
  
  170KB
- MD5
  
  06bac3dc086ff942952295c9919e4788
- SHA1
  
  0d5814543abf399ba24d69ec04df138395cc274e
- SHA256
  
  96c327da60ce61a6388c772df85e362be45b40cc4a6582dbea4f2d6ec4185f44
- SHA512
  
  136ad0e2a6ff8d4e18939fa8e607a994339bd659facf0d2bf9a59726d3946cafeb6249ff40c1d6546ba6a28256fde6243bccc5aaf02c87bad84af136d2c851b8
- SSDEEP
  
  3072:h5/U4TFu4We6u9lcXcVqe22j0r5oOiBKv52hUrfl6wZ/e8SZ4:z/UwCsrcXcV32eglik8hgswhe8SZ4
Score

3^/10
behavioral10
- Target
  
  data/glass.png
- Size
  
  142KB
- MD5
  
  c5193f32f17ce6b13aa4ec1c1eb53e58
- SHA1
  
  41ff6b576e35903c79d776ec87350cb9a768faba
- SHA256
  
  e8d37b88ef974f8c0ad0484908d573753ac12db69c6991b17da34f19311c7b20
- SHA512
  
  1a3e91940a400fd41bf783dbf3545a2eba67eefe08664f08202b3772f726e2978f19e24a0a4bd5c6cf2a02e3f48fcbc0053dca2e99112dc75bb533ca8bda2716
- SSDEEP
  
  1536:SBB3joMaqAWm1Nc1dssrbKumOYZYcTKpAcbggjdGLvsPIzpRpmjIrjtbl4RzPBia:SSqS7AD2YIgJggjd4swzvpmctR4NZCBM
Score

3^/10
behavioral11
- Target
  
  data/lang/de-DE.xml
- Size
  
  5KB
- MD5
  
  564bf56ec54a5de6e6ee6ff9f1ea9d2f
- SHA1
  
  dbcb3f8f48ede302c3e3e2bdee6562f9c6a7965f
- SHA256
  
  03e36230545626f12c713c7c1ca6baebbe57c12487c73cc70c515693ca9a8e03
- SHA512
  
  5e8fb7e780725e75e451b36733d54b9b97a90cba6ef6a57a608b97e1d47cd1e3f1ac535dfeb41d0940ad7915254d6c21b66f3f9248a5e1bbfef49f78d49e9a04
- SSDEEP
  
  96:gXi4nENx0YiBAOAWAAhVMGM0MC2B+GW+We19UG4jMGa3ZD8fAovkfnMdnZ:54gx0DMGM0MPBxW+16n0OYif
Score

1^/10
behavioral12
- Target
  
  data/lang/en-US.xml
- Size
  
  5KB
- MD5
  
  fd69d396fa49d40fa5be95bf9fe421c9
- SHA1
  
  ab357e9ab83174d772a1ff5bb8483ba119e39f83
- SHA256
  
  2268fbc8305592370e0b4c09b61fe05ba0b1cf7e7c01ea8532ef351cd42b8225
- SHA512
  
  422d8c2847389d3be40ee90b4773f68e3f6099e4b6a20e355d1e5f3fbf98d344a6242541fb7d67753fb789f4a39b4d7960c5d8f472b1c6d0d3035fc92f096941
- SSDEEP
  
  96:y/2kkrczjQhNsmtwyM40M5+FI2Is786sRGc080G/c08GNCw2i6:q2kkKjp2wyM40M5IVex6
Score

1^/10
behavioral13
- Target
  
  data/lang/es-MX.xml
- Size
  
  3KB
- MD5
  
  a6e7ff9939605b6882d1dc1eb39bcd65
- SHA1
  
  43a5f94afc522fec25de1688d3398ffa50312bbf
- SHA256
  
  b88ec2ee7b80fd1df5a752c9a4e13c0f010b47d30a4fedb21c3f49a39edc7ef1
- SHA512
  
  e7dd66f8ce18fd88fc37af9dd01da568fdb86e93b05d795c9bcc5d971025a7b0401a68744a9f9c8a746d426257778d8a9a62fe03c70d27e1c9a37b7fcd229d4e
Score

1^/10
behavioral14
- Target
  
  data/lang/fr-FR.xml
- Size
  
  4KB
- MD5
  
  be474e5bc94dc1ca1acd35fc13fe9544
- SHA1
  
  21c476c9cae9fa0a433d5f3cfbe8b1b6a617ae38
- SHA256
  
  e635695606d70ba5bb58ef9985c181c70c2efa85a03a19720054cbf59d9a521e
- SHA512
  
  12fff1a7bca64123a27fa677fddeee9bf06d4755de005945e0bdb997b6c0d5d4aa31ae8d8fae3436193b8d63e0e56d854309b1c98da8bfab5df479da5a3f8dbe
- SSDEEP
  
  96:GWKINgY6c8y55MIMEB+1deHcnOoPiV+08415iBRUg:GWu8MIMEB8dedoP83cGg
Score

1^/10
behavioral15
- Target
  
  data/lang/id-ID.xml
- Size
  
  3KB
- MD5
  
  82a5adf6aa93ba289f82769c53beb1f3
- SHA1
  
  3b60b14d13027b560ebc5341d579439378bc85df
- SHA256
  
  c1a39a9fe9c5f14c3fd4209daef743ce2e704368cc5fbea2eae139a33a61b74d
- SHA512
  
  5c17cb638c62dc6efda9acf42831328578416a9ede4e546db2ed8337b7824ed3793bf77e3854cc7957bf8504f60919b00028cd2b623d0728010d034aa13d6140
Score

1^/10
behavioral16
- Target
  
  data/lang/it-IT.xml
- Size
  
  5KB
- MD5
  
  e7ed56d4244fca9360b004dfaaf435d6
- SHA1
  
  775311f44fb73bf8032c89ef4b342ba0d36603f4
- SHA256
  
  b7357250ab0c8782046f51ae3cd2349ce61c17300556390d4448bb93de1e87c3
- SHA512
  
  99c17dbf6e363db3b69ec7a73ae4669e723864a5ff95fe26c256cf19813cbbf21fdb4c18464f54bbb9a46b7cee653fc2b48825ffa154cd412f8ac1f0bc53a5c8
- SSDEEP
  
  96:R+wRYDrAwZkU2UOapjDSMJIMVz+nTObRW73RzDQZEkfRB+t2087q2qWk7BghTC:xwt2qsM6MVzATjeC17B2TC
Score

1^/10
behavioral17
- Target
  
  data/lang/ja-JP.xml
- Size
  
  4KB
- MD5
  
  c652adda2912f9c75cc7a8c8feec4885
- SHA1
  
  090e8d7c86b98d64e3c044970828a0fbc75eef63
- SHA256
  
  722ee8be74c585d10bb08f5c773819f806d0481a07c5afee45be34912ebfda87
- SHA512
  
  446139bdcc61a64feac34c12674a92a5af5613b39aafbbf612894a3d9f6e1aeb47cbf48e1dc0ccdf352424808631dc5fdef1c80d0efee1a562d7b3a31493e127
- SSDEEP
  
  96:/6p6B/31/LzchM6Mp+RxjLiMKMNE3U+V/cifn:c6B/F/2M6MpQkF/Tfn
Score

1^/10
behavioral18
- Target
  
  data/lang/ko-KR.xml
- Size
  
  5KB
- MD5
  
  83f5faa5784fe13692a39176f02eb36b
- SHA1
  
  e75885c1b9798a01c782ea117dc1ac94e681f424
- SHA256
  
  838cc632fa0627ec304b4a65853302acacfd0d282cf614fc569d0b0f2f6cfc28
- SHA512
  
  058b782ae1b8c2392563e674d659fea5a46216cba41cb0a9ed9152cea08faf1d3792ab476d4828478d385a30c80b7a2fd646e3c48a0b89ee493b4da956b1a4bb
- SSDEEP
  
  96:rz4SkV85yRDfxZjVfT5oRK8nzb9dMMMKV+qqMbQuVJFUcrS1LZv/MimrTuHcTiU:rzr0fF5U1zjMMMKVRqMEvdJJxC
Score

1^/10
behavioral19
- Target
  
  data/lang/pt-BR.xml
- Size
  
  3KB
- MD5
  
  b3eed9314307e80c8618ff39109f5eee
- SHA1
  
  92f5d781a50ff132ffcf56d0828ee0ee1275f7e4
- SHA256
  
  06d23ebca32c22266162f1b5610579094cba2d224cf7e0f183fc389effd5b6d1
- SHA512
  
  8dd71518c41f77ec9447b9adf29844df35a87f70a2544fc71202ade4484a31f4164b7b740bc1dc7a11ca47f1365fe938d7cb14824997e5f21cdf92a81e5b927b
Score

1^/10
behavioral20
- Target
  
  data/lang/ru-RU.xml
- Size
  
  4KB
- MD5
  
  53fac084c0151ee3f27df19b358d809d
- SHA1
  
  7e81ed0271910cc6840cabe249215898e8597cb1
- SHA256
  
  92c733586f0d980af7eb1290d66813e898baffec7e32b3fcbccd231ed3003ca2
- SHA512
  
  8d92cfb65308a1a38c6430ce4e6783451596cab95a8fd045ccf76f82b7a41b1601649f2994265438780f205172dac5d450fe11cfed996889227cc91cbe24b7b9
- SSDEEP
  
  96:zpZkGycE3Mx8MGuMz7+ik0llyKxu08bRmIZbgOT:zn1ydxMLMPdizb9
Score

1^/10
behavioral21
- Target
  
  data/lang/sv-SE.xml
- Size
  
  5KB
- MD5
  
  bfddd9a82959407949141b6298d265b9
- SHA1
  
  5573c0ca2a880f3cee24a72cb7de46d9d2626038
- SHA256
  
  456e80eda4aed352bfa0222438bdf72709b337245beb2b3803b70ab045cb10e2
- SHA512
  
  a81f581dd4c829e9474c6b2960782f193c50f9de003479d921931a22508ae4a76234180d30a64e3e01f7255cd53241dd8b93687185f2099fe2e470e0cfc0205c
- SSDEEP
  
  96:mJQkPo8NyYF0N1UVXBMROMi+6Hp9rIrc1OHw87mgqot08MQmysS7:EQ6fy7vUDMUMirHn4z3sS7
Score

1^/10
behavioral22
- Target
  
  data/lang/tr-TR.xml
- Size
  
  3KB
- MD5
  
  a846728d0c484d02fbc8acffc47f8172
- SHA1
  
  135213f55fa3519de1d91727f52dbe72e025a616
- SHA256
  
  394ca845a6107567de4b75a8fd3237f8257f0cf58e4a899c4d68ca0c61bde744
- SHA512
  
  4afecef8958223445811dfa20b1c0332a63ded014fb1a6eada7279cf2270e24ed398b7eae35025928282f6fdd1de306407c870c92615c5a8f8f837bb303b7299
Score

1^/10
behavioral23
- Target
  
  data/lang/zh-CN.xml
- Size
  
  4KB
- MD5
  
  7ef5563d4ff2e8d6dca588b8c0cd76e1
- SHA1
  
  f2697af675b51eb0fe6d01a5d9bb9408e6d137d1
- SHA256
  
  8d5cb82276680b5b4e447d9ea42b5a4250349dcce602b869348f01f883c7b022
- SHA512
  
  817c5fea056e7210c94f690658f82a2abf7d07ec7efbb3ddc43fe35c899a350fd0a56c3fc8fea5c56ce288dc38409ed1f89dce7dc485d1db0b218aecdb0ef297
- SSDEEP
  
  96:E10HXbXKJ6Gmv94gcTQCMmtzMl1+OmlxjLkOSAwpWVeWc2VhXF:EW2J6GmvKdTQCMmtzMl1UxvvVF
Score

1^/10
behavioral24
- Target
  
  data/lang/zh-SG.xml
- Size
  
  4KB
- MD5
  
  91bd720fa0494de3c4b6a3bdd729e577
- SHA1
  
  91a2ecc258ab52bb861a36670f52c8cdeb6709c3
- SHA256
  
  51c52f736bcf266c22c7d5f30b144cde9e1cfed380aa92e70bde217a25c91a6c
- SHA512
  
  7ec3ce05b44edf9838a1f6e7d34f0909b8152263d149447f9bd461975fff2aaaa33f96f0b4cf57df85714a823de0a78c7733a9de2b1a1b28aba7072faff041f4
- SSDEEP
  
  96:h10HXbXKJ6Gmv94gcTQCMmtzMl1+OmlxjLkOSAwpWVeWc2VhXF:hW2J6GmvKdTQCMmtzMl1UxvvVF
Score

1^/10
behavioral25
- Target
  
  data/lang/zh-TW.xml
- Size
  
  4KB
- MD5
  
  e75f5fb2e8217d4274a9d265c97f73ef
- SHA1
  
  93b596478ddc46796ee40c5fbb6018847f7b8dcb
- SHA256
  
  24170f8bc84b89f3e544b95f3409f49b31963a30dbfedab3b5b18101bcd87efe
- SHA512
  
  d9e03b61e7a1913bff54e04fb74214912b30dc68e95be378b5948e2ef5fa7f79ccd23659f7c7c012cf31718093bee1c77a6032d420ec2b03b6ed5057b1a0c669
- SSDEEP
  
  96:ByLbovr/KZRBLJc5CrVaZIxM/MT+bliCzcdN1CY0GIWrJ9d:4vQr/CRTc5aAIxM/MTelip7rp
Score

1^/10
behavioral26
- Target
  
  data/symbols/dwmcore.pdb/FE391E85AD4D28375DEEC10F0A4305871/dwmcore.pdb
- Size
  
  4.9MB
- MD5
  
  e0f3742299c308ed2a2531c13110a3f5
- SHA1
  
  7828a192e299226c45adc3b2ba1db40f90351d37
- SHA256
  
  4651b83cd9da638c76c55f92211172292b2e89f37d0e579a262e5cbbba330e51
- SHA512
  
  d6fa7e62ec7ce7f19368fe7082ad3134094cec38db7e78153a5994a1dfe5d4ce5c502090eb2cbcf4ec92ca790e72d0559fd6d85bcc19564b69de9dc1e1635e0d
- SSDEEP
  
  49152:4vyNK21/fg/wm13VZfMtJtqS46ZrjEu2unY5RpMjvkI/LvVynMuAE4jONdDn5koZ:CFbdBh
Score

3^/10
behavioral27
- Target
  
  data/symbols/uDWM.pdb/012BEBC018443A012AE75FE54EDC86871/uDWM.pdb
- Size
  
  1.1MB
- MD5
  
  21463943752ee6e27dd1077ca693cc41
- SHA1
  
  b78a77de22a758f517e54e5ea8c3b9147292a6e2
- SHA256
  
  78efc772f2fc975984e398cc0b612006321a5b9035fa83b26e2f51091fdea86a
- SHA512
  
  085b695dc61b6be23050e7e7a8055904e6ba40f706293cf291dfe766aecf4945a7438ebf16f5c47744e5dbf863c680010d6fb6d9f017824764c125768c8eb136
- SSDEEP
  
  24576:vS0HJmBpo4E/umgRORhbW9iGt4LfNj/Mxwaw/1h6lEbN6UOwXNpKjg9KxruyW31H:vSJ0umgRORhbW9iGt4LfNj/Mxwaw/1hp
Score

3^/10
behavioral28
- Target
  
  dbghelp.dll
- Size
  
  2.1MB
- MD5
  
  68e66b04c1d3289b0cc96391060c922a
- SHA1
  
  4176b12cc308f697ee49430c27f351c46f41e7eb
- SHA256
  
  131493d48eeec95099053066c90fa2a56adaede68aadf81c2f0201316598ca8a
- SHA512
  
  611e0f416e8ccd39bd61a25e290c09596e8f33999af608f77461d57b33cc13753614d72f2f57800a715a5eed1414338095004c09eba9a8be9bb6d29ddb4de7a1
- SSDEEP
  
  24576:oUaCbolDmqg16nkCCYJ+Wd+rxGJa1/XgvwmfCt0QdWFPTgZp2z3skeK:oUaCbolDM16njtKg8rVt0QdCTY2z3b
Score

1^/10
behavioral29
- Target
  
  symsrv.dll
- Size
  
  377KB
- MD5
  
  497fa5a31783c8c4f01868f148af3051
- SHA1
  
  b1eeb2cd1b5830d04b2e7af8f77f7f29d92051e7
- SHA256
  
  0c86ecde02f6f1914bb28cee8f0fe24d61514b64ec245e2205058bfbcddffe82
- SHA512
  
  f8df4f56086bd6013b3fb4644bca586f7685a42c7181dfccf55fae07354173b69884438dc1e79705423cded01be7a96a0b9bc550dd7a75febedbe55bb9a2f7f3
- SSDEEP
  
  6144:QaTukwLaV09TycV2GTEGkzYiYSmav6LtHNQbgjpeWhSGu:QtGV0pycV2kFkzHYSp6LccleN
Score

1^/10
behavioral30

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops startup file

Loads dropped DLL

Reads user/profile data of web browsers

Accesses cryptocurrency files/wallets, possible credential harvesting

Legitimate hosting services abused for malware hosting/C2

Looks up external IP address via web service

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30