Overview

overview

10

Static

static

10

Ethical.exe

windows7-x64

7

Ethical.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Ethical.rar

  • Size

    17.0MB

  • Sample

    240515-n31vlagd53

  • MD5

    061dd1a950aacae377c02cb886808b4f

  • SHA1

    26ddde7ebd1d770a6e42c3c6aaa4bc85fe9d22d5

  • SHA256

    9b4afe688d34f7ed94d872bd3c34d7ac6e4f1ec5b605223bc743bf88c6fb8e4c

  • SHA512

    f9804f19f0f0cdd21a60a885618adee7b7220cfe244c9cc45e9af7413700ea219e5857b6a1637425fa2419636450a54493f94e1309e2f48554d25b45e3899384

  • SSDEEP

    393216:98v3z7nTUCIyyPa0prHAVa5fC4yq5QN4xEreqMe56ZebE3QPl65I9gIdqmr5TkAg:y7YChyPanIHyvNjreqZ6eo3Ql65I9ddW

Score
10/10
crealstealerpyinstallerspywarestealer

Malware Config

Targets

    • Target

      Ethical.exe

    • Size

      17.3MB

    • MD5

      10c4591b70b04030b5724abc75c703f7

    • SHA1

      d66ced77c9f2e3d52a1dd47ce1fdf29b85005952

    • SHA256

      bf510b596de5017c0fe960e89effb9de8cbfc84e4c8a5ae5459ba7d6182dc54c

    • SHA512

      ec7c16e954460553928a11d6a53ab551433c5e17862e6fbf7c9210211d6cd6821974e3f063a08255a958c0d35de821ba36893042ed85f2c5504c97e7ba4daf55

    • SSDEEP

      393216:4EkZQbFG8fdQuslSl99oWOv+9fg1e/qbETER3e:4hQbFG8fdQu9DorvSY1eCbETE

    Score
    7/10
    spywarestealer

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks