General
-
Target
e2780d5f4e1a30a57a4e47f893370e60N.exe
-
Size
303KB
-
Sample
240823-x7anmsvarn
-
MD5
e2780d5f4e1a30a57a4e47f893370e60
-
SHA1
f5adbd631b5303cb832eb59085210176dfb0bdb6
-
SHA256
8d14c3ddc1f328f6afa101354b3bd237ea5f6d5ede5526c301d647db5e7b2829
-
SHA512
d9b68d4d01e6fc495afcbf2255f684a609fc96edfdb17cc34bd2b3c27d54374225424a7f16214f38ea44281f0f63c21e46edda89de71aacc72cfb0d8ab6198e1
-
SSDEEP
6144:h/oT6MDdbICydeBrdEGHpcJWbg6vmA1D0q0G:h/WJEGHpQWEM1DWG
Behavioral task
behavioral1
Sample
e2780d5f4e1a30a57a4e47f893370e60N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
e2780d5f4e1a30a57a4e47f893370e60N.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
44caliber
https://discord.com/api/webhooks/1275104139587616934/cVYjsimoHW_MSjxoI5Prmq28mq3wQZ0Q6S-d_VTdoxMVqXW-c2M0A6ByJLCYIAEg0gsS
Targets
-
-
Target
e2780d5f4e1a30a57a4e47f893370e60N.exe
-
Size
303KB
-
MD5
e2780d5f4e1a30a57a4e47f893370e60
-
SHA1
f5adbd631b5303cb832eb59085210176dfb0bdb6
-
SHA256
8d14c3ddc1f328f6afa101354b3bd237ea5f6d5ede5526c301d647db5e7b2829
-
SHA512
d9b68d4d01e6fc495afcbf2255f684a609fc96edfdb17cc34bd2b3c27d54374225424a7f16214f38ea44281f0f63c21e46edda89de71aacc72cfb0d8ab6198e1
-
SSDEEP
6144:h/oT6MDdbICydeBrdEGHpcJWbg6vmA1D0q0G:h/WJEGHpQWEM1DWG
Score10/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-