General

  • Target

    MIDNIGHTCS2UPDATE.zip

  • Size

    15.6MB

  • Sample

    240622-tl83jatdpg

  • MD5

    3c289b210cec73ccbe89cd978a282eb2

  • SHA1

    08c4415cadb7ec44db4b31d2b249bd05c3b70e30

  • SHA256

    97c9a5cab96e4fa1adcaf5da236fbb479d539d48392ade77efaa030d66d1f5c5

  • SHA512

    5ddeea87f3da378dc1005d6386424fadfede575a8d10e2dd8fc25b4f5b77505c5459f07bd46fd5e77e51154b7a3b573c583c0c0f08b536c80a741b2819477905

  • SSDEEP

    393216:KqYAzeHFgW7Azuf77Ma8tGWLkdh02ZgBSm+PN4twjFho51Gp3kis6t3j:Fz+Fgaxz71GGI2LZeSm+ld1XZt3j

Malware Config

Targets

    • Target

      MIDNIGHT CS2.exe

    • Size

      15.8MB

    • MD5

      09c540b93f5789a89e23ecf3f146f6d3

    • SHA1

      5cdfb72485d7ed7ecf2fa88ba356bfabca4a2d66

    • SHA256

      e8bb79dc1428186e6d5f892a4510b0834a3a270061ebff81982f5b9e4c859b8d

    • SHA512

      16264666c1b7035f43237fe8a4eb24cfb9ef3a3febc7ebe1c49eee146b7e9ae6ec1d1a5296d08f71e28936f3a8f5b1f8666dd2ee17c9ed5264ac604f790eb5b1

    • SSDEEP

      393216:bUiIE7Yo9+4uOwxHi+2ohcyLkW+eGQRe9jo7BGcGkaJKt/WoAfL9:R7r9+ROyHiRyc0kW+e5Re9MvpeL9

    Score
    7/10
    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens; stolen session cookies allow account takeover without the password.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP. The request itself is benign, so on its own it is a weak indicator; it becomes meaningful when correlated with the browser and wallet access listed above.
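The hashes in both the archive and executable sections above are the IOCs a responder would check local files against. The following Python script is an added example, not part of the sandbox report or of any tool it describes: it embeds the MD5, SHA1, SHA256 and SHA512 values listed above, hashes files incrementally so the 15 MB sample does not have to be read into memory at once, and reports which IOC and which algorithm matched. The command-line usage and the hypothetical sample name in the comments are assumptions; the hash values are copied from the report.

```python
import hashlib
import sys

# File hashes copied from the sandbox report above: the downloaded archive
# and the executable extracted from it.
IOCS = {
    "MIDNIGHTCS2UPDATE.zip": {
        "md5": "3c289b210cec73ccbe89cd978a282eb2",
        "sha1": "08c4415cadb7ec44db4b31d2b249bd05c3b70e30",
        "sha256": "97c9a5cab96e4fa1adcaf5da236fbb479d539d48392ade77efaa030d66d1f5c5",
        "sha512": "5ddeea87f3da378dc1005d6386424fadfede575a8d10e2dd8fc25b4f5b77505c5459f07bd46fd5e77e51154b7a3b573c583c0c0f08b536c80a741b2819477905",
    },
    "MIDNIGHT CS2.exe": {
        "md5": "09c540b93f5789a89e23ecf3f146f6d3",
        "sha1": "5cdfb72485d7ed7ecf2fa88ba356bfabca4a2d66",
        "sha256": "e8bb79dc1428186e6d5f892a4510b0834a3a270061ebff81982f5b9e4c859b8d",
        "sha512": "16264666c1b7035f43237fe8a4eb24cfb9ef3a3febc7ebe1c49eee146b7e9ae6ec1d1a5296d08f71e28936f3a8f5b1f8666dd2ee17c9ed5264ac604f790eb5b1",
    },
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_bytes(data: bytes) -> dict:
    """Return lowercase hex digests of data for every algorithm the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ALGORITHMS}


def digest_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Hash a file in 1 MiB chunks, feeding all four hashers from a single read pass."""
    hashers = {algo: hashlib.new(algo) for algo in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def match_iocs(digests: dict, iocs: dict = IOCS) -> list:
    """Return (ioc_name, algorithm) pairs whose listed hash equals the computed digest.

    Every algorithm is compared separately, so a hit on MD5 or SHA1 alone
    (both collision-prone) is visible as such, while a SHA256/SHA512 hit
    identifies the exact file from the report.
    """
    hits = []
    for name, hashes in iocs.items():
        for algo, expected in hashes.items():
            if algo in digests and digests[algo] == expected.lower():
                hits.append((name, algo))
    return hits


def main(argv: list) -> int:
    """Hash each path given on the command line (assumed usage) and report IOC hits.

    Exit status 1 signals at least one match so the script can gate a pipeline step.
    """
    exit_code = 0
    for path in argv:
        hits = match_iocs(digest_file(path))
        if hits:
            exit_code = 1
            for name, algo in hits:
                print(f"{path}: matches {name} ({algo})")
        else:
            print(f"{path}: no match")
    return exit_code


if __name__ == "__main__":
    # Example (assumed invocation): python ioc_check.py "Downloads/MIDNIGHTCS2UPDATE.zip"
    sys.exit(main(sys.argv[1:]))
```

Run it against the downloaded archive and any extracted executable; a SHA256 or SHA512 hit is conclusive, whereas an MD5-only or SHA1-only hit should be confirmed with the stronger digest before acting on it.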

MITRE ATT&CK Enterprise v15

Tasks