Resubmissions

28/08/2024, 22:18

240828-1737qsyhlb 8

28/08/2024, 22:16

240828-164rwa1dmj 3

28/08/2024, 22:11

240828-13w8mayfnd 3

General

  • Target

    Multi Tool V1.exe

  • Size

    102KB

  • Sample

    240828-1737qsyhlb

  • MD5

    8fbdf5098eada7d66ba3461be11ecb82

  • SHA1

    6be85f474692d7c73fcfa4b598c7ba1e30541860

  • SHA256

    71ef4ef378e7650d22e67b553e1746407db9cdab60b9ce80118a1d472f6f0871

  • SHA512

    d8850ef499cb6afe84a4df35964e9f00fe27c52eaac61c0c2384dc0da334337e1ff1e1d388cb0f25f4ce333522c7dfe4f8f359f9d8ab858c398b73ac67b93197

  • SSDEEP

    1536:Io7ftfkS5g9YOms+gZcQipICdXkNDqLLZX9lItVGL++eIOlnToIf/w0UhTVlOir8:ImFfHgTWmCRkGbKGLeNTBf/UvOU8
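The hash set above is what lets you check whether a file found elsewhere is this sample. The following is an added example, not code from the sandbox or the report: it recomputes MD5, SHA-1, SHA-256 and SHA-512 for a file (or an in-memory blob) in one read pass and compares them with the indicators listed on this page. ssdeep is left out because it needs a third-party module and fuzzy hashing gives a similarity score rather than an equality test. The hex strings are copied from the report; everything else is illustration.

```python
import hashlib

HASH_ALGOS = ("md5", "sha1", "sha256", "sha512")

# Indicators copied from the report above for "Multi Tool V1.exe".
REPORTED = {
    "md5": "8fbdf5098eada7d66ba3461be11ecb82",
    "sha1": "6be85f474692d7c73fcfa4b598c7ba1e30541860",
    "sha256": "71ef4ef378e7650d22e67b553e1746407db9cdab60b9ce80118a1d472f6f0871",
    "sha512": (
        "d8850ef499cb6afe84a4df35964e9f00fe27c52eaac61c0c2384dc0da334337e"
        "1ff1e1d388cb0f25f4ce333522c7dfe4f8f359f9d8ab858c398b73ac67b93197"
    ),
}


def hash_bytes(data: bytes) -> dict:
    """Digest an in-memory blob with every algorithm the report lists."""
    out = {algo: hashlib.new(algo, data).hexdigest() for algo in HASH_ALGOS}
    out["size"] = len(data)
    return out


def hash_file(path, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four hashers at once (a single read pass)."""
    hashers = {algo: hashlib.new(algo) for algo in HASH_ALGOS}
    size = 0
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            size += len(block)
            for h in hashers.values():
                h.update(block)
    out = {algo: h.hexdigest() for algo, h in hashers.items()}
    out["size"] = size
    return out


def compare(observed: dict, reported: dict = REPORTED) -> dict:
    """Per-algorithm match flags; hex digests are compared case-insensitively."""
    return {
        algo: observed[algo].lower() == reported[algo].lower()
        for algo in HASH_ALGOS
        if algo in reported
    }


def is_reported_sample(observed: dict, reported: dict = REPORTED) -> bool:
    """Identification rests on SHA-256 alone.

    MD5 and SHA-1 are kept only for cross-referencing older feeds: both have
    practical collision attacks, so an MD5- or SHA-1-only match is not
    treated as proof that the file is this sample.
    """
    return compare(observed, reported)["sha256"]


if __name__ == "__main__":
    import sys

    for arg in sys.argv[1:]:
        obs = hash_file(arg)
        verdict = "MATCH" if is_reported_sample(obs) else "no match"
        print(f"{arg}: {obs['size']} bytes {compare(obs)} -> {verdict}")
```

Run it as `python check_sample.py suspicious.exe`; a size of roughly 102KB with a SHA-256 match is the sample from this report, while a size match alone means nothing.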

Malware Config

Targets

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check before the payload runs.

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and other session material.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to learn the infected system's external IP address.
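The four behaviours above are what the sandbox flagged, and they correspond to events an analyst can also look for in their own telemetry. The following is an added example, not the sandbox's own signature logic: it classifies a few constructed sandbox-style events (registry reads, file reads, DNS and HTTP) into the signature names used on this page. The registry key `HKCU\Control Panel\International\Geo\Nation`, the browser profile directories, the IP-lookup hostnames and the treatment of the sample's own process as the blocklisted one are all assumptions chosen for illustration.

```python
# Assumed indicators for each signature (illustrative, not the sandbox's rules).
GEO_REGISTRY_SUFFIXES = (
    r"\control panel\international\geo\nation",
    r"\control panel\international\geo\name",
)
BROWSER_PROFILE_DIRS = (
    r"\google\chrome\user data",
    r"\microsoft\edge\user data",
    r"\mozilla\firefox\profiles",
)
IP_LOOKUP_HOSTS = ("api.ipify.org", "icanhazip.com", "ifconfig.me", "ip-api.com")
# Assumption: the submitted sample itself is the process on the blocklist.
BLOCKLISTED_PROCESSES = ("multi tool v1.exe",)

SIG_NETWORK = "Blocklisted process makes network request"
SIG_GEO = "Checks computer location settings"
SIG_BROWSER = "Reads user/profile data of web browsers"
SIG_EXTIP = "Looks up external IP address via web service"

# Constructed events in a simplified sandbox-log shape; not taken from the report.
SAMPLE_EVENTS = [
    {"type": "reg_read", "proc": "Multi Tool V1.exe",
     "key": r"HKEY_CURRENT_USER\Control Panel\International\Geo\Nation"},
    {"type": "file_read", "proc": "Multi Tool V1.exe",
     "path": r"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"type": "dns", "proc": "Multi Tool V1.exe", "host": "api.ipify.org"},
    {"type": "http", "proc": "Multi Tool V1.exe", "host": "api.ipify.org",
     "url": "https://api.ipify.org/?format=json"},
    {"type": "file_read", "proc": "explorer.exe",
     "path": r"C:\Windows\System32\notepad.exe"},
]


def classify(events):
    """Map events to signature names; returns {signature: [matching events]}."""
    hits = {}

    def add(sig, ev):
        hits.setdefault(sig, []).append(ev)

    for ev in events:
        proc = ev.get("proc", "").lower()
        kind = ev.get("type")
        if kind == "reg_read":
            key = ev.get("key", "").lower()
            if any(key.endswith(suffix) for suffix in GEO_REGISTRY_SUFFIXES):
                add(SIG_GEO, ev)
        elif kind == "file_read":
            path = ev.get("path", "").lower()
            if any(d in path for d in BROWSER_PROFILE_DIRS):
                add(SIG_BROWSER, ev)
        elif kind in ("dns", "http"):
            # One network event can satisfy both network signatures.
            if proc in BLOCKLISTED_PROCESSES:
                add(SIG_NETWORK, ev)
            if ev.get("host", "").lower() in IP_LOOKUP_HOSTS:
                add(SIG_EXTIP, ev)
    return hits


def signatures(events):
    """Sorted list of signature names triggered by the events."""
    return sorted(classify(events))


if __name__ == "__main__":
    for sig, evs in classify(SAMPLE_EVENTS).items():
        print(f"{sig}: {len(evs)} event(s)")
```

The benign `explorer.exe` read of `notepad.exe` matches nothing, which is the point of anchoring the browser rule on profile directories rather than on any file read by the process.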

MITRE ATT&CK Enterprise v15

Tasks