General
-
Target
Insidious.exe
-
Size
303KB
-
Sample
240819-mzktjatbqq
-
MD5
73f91b648c6e449c678cc4bcaf217651
-
SHA1
8cb0cec0e31531b73bc04630c0ef86aec11894e6
-
SHA256
f2b5cbbdb4beb4ccfe4220af1bc7a1065524ee4dcad89fa180ccd3a4cac0d87a
-
SHA512
a2ad7c032bb93a9dc32a243cc0febb6fbe4272d44f381f6e9f2be7e94aca30a7b9871e9dd2a67f48b98202351605d81e5416e4c1d76275d590eba575bf8b006f
-
SSDEEP
6144:TRlT6MDdbICydeBV9suqPmlF62y6bmA1D0Gsp:TRT4uqPmH6Dg1Dmp
Behavioral task
behavioral1
Sample
Insidious.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
Insidious.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
44caliber
https://discord.com/api/webhooks/1275043194824032316/eqfjpwfw-Aa32DfOOcp2pilYlVMwJCH973ItNa5eap8KHs1eapnkS0U23LDUza9Imjji
Targets
-
-
Target
Insidious.exe
-
Size
303KB
-
MD5
73f91b648c6e449c678cc4bcaf217651
-
SHA1
8cb0cec0e31531b73bc04630c0ef86aec11894e6
-
SHA256
f2b5cbbdb4beb4ccfe4220af1bc7a1065524ee4dcad89fa180ccd3a4cac0d87a
-
SHA512
a2ad7c032bb93a9dc32a243cc0febb6fbe4272d44f381f6e9f2be7e94aca30a7b9871e9dd2a67f48b98202351605d81e5416e4c1d76275d590eba575bf8b006f
-
SSDEEP
6144:TRlT6MDdbICydeBV9suqPmlF62y6bmA1D0Gsp:TRT4uqPmH6Dg1Dmp
Score10/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-