General
-
Target
ww.exe
-
Size
13.8MB
-
Sample
240826-qf4dbawhkl
-
MD5
80290d95264f78abdc7305356a2f8f6f
-
SHA1
ea898e2eb111ad02928782e0f7fbe78bd6e5c0ec
-
SHA256
59e5e07ffa53ad721bc6b4c2ef435e08ae5b1286cda51415303978da474032d2
-
SHA512
96516577d615237fb373e9fb2dba9a8dfeebc580a6ed0aa2b0497a63413a24320fcce361a255e23d49f3a00d50151d9b0894fb8cba673b22562233dc757eb2b0
-
SSDEEP
196608:K9V4PKot664qg6drizHVPAgpGSjsihOiZlB9694tthJhE8ZT+Z+P:KIXFzWzHVsSjsi4AlB969ChJhE8ZI+P
Static task
static1
Behavioral task
behavioral1
Sample
ww.exe
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
ww.exe
-
Size
13.8MB
-
MD5
80290d95264f78abdc7305356a2f8f6f
-
SHA1
ea898e2eb111ad02928782e0f7fbe78bd6e5c0ec
-
SHA256
59e5e07ffa53ad721bc6b4c2ef435e08ae5b1286cda51415303978da474032d2
-
SHA512
96516577d615237fb373e9fb2dba9a8dfeebc580a6ed0aa2b0497a63413a24320fcce361a255e23d49f3a00d50151d9b0894fb8cba673b22562233dc757eb2b0
-
SSDEEP
196608:K9V4PKot664qg6drizHVPAgpGSjsihOiZlB9694tthJhE8ZT+Z+P:KIXFzWzHVsSjsi4AlB969ChJhE8ZI+P
-
SectopRAT payload
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-