Overview

overview

9

Static

static

1

$RPCH8TL.exe

windows11-21h2-x64

9

Resubmissions

07/08/2024, 03:41

240807-d8sfaszern 9

07/08/2024, 03:36

240807-d6bprstcja 6

Sharing

Copy URL Twitter E-mail

General

  • Target

    $RPCH8TL.exe

  • Size

    1.8MB

  • Sample

    240807-d8sfaszern

  • MD5

    5dd71ded97872447cfe7da9f0835284e

  • SHA1

    eac2ff88ab9c5b281da870c9e1ce7832cde98332

  • SHA256

    f35483e272ebce0638c0f3f154346b92ab41835427fb15438d6d8a53995ca686

  • SHA512

    bd8445ad3a615793703db7a01d8620d94a7cc5cf509f4f1ae7963645928c597c5d94e57a2594e1495b2f1f356bff81ea5ce72ec3dd2fc671d4b61ea5a61dec20

  • SSDEEP

    12288:o1f/akEkL8c9gJ0M/Ak7NXD4rKeXe9G4rKeXe9E4rKeXe9R4rKeXe9BnKW:uf/akE48c9ex/zXNnKW

Score
9/10
credential_accessdiscoverystealer

Malware Config

Targets

    • Target

      $RPCH8TL.exe

    • Size

      1.8MB

    • MD5

      5dd71ded97872447cfe7da9f0835284e

    • SHA1

      eac2ff88ab9c5b281da870c9e1ce7832cde98332

    • SHA256

      f35483e272ebce0638c0f3f154346b92ab41835427fb15438d6d8a53995ca686

    • SHA512

      bd8445ad3a615793703db7a01d8620d94a7cc5cf509f4f1ae7963645928c597c5d94e57a2594e1495b2f1f356bff81ea5ce72ec3dd2fc671d4b61ea5a61dec20

    • SSDEEP

      12288:o1f/akEkL8c9gJ0M/Ak7NXD4rKeXe9G4rKeXe9E4rKeXe9R4rKeXe9BnKW:uf/akE48c9ex/zXNnKW

    Score
    9/10
    credential_accessdiscoverystealer

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

      credential_accessstealer

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks