Overview

overview

9

Static

static

3

6543e63e4e...0N.exe

windows7-x64

7

6543e63e4e...0N.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    6543e63e4e2b930538fa8a724c8d5940N.exe

  • Size

    653KB

  • Sample

    240906-cd1bzszejl

  • MD5

    6543e63e4e2b930538fa8a724c8d5940

  • SHA1

    60edf4f62c169b983600e6267f06ec67df2ea264

  • SHA256

    537b724cbabb065a2e72b44c15555f2bcd8695994e5310771ee27d9917ff0c6e

  • SHA512

    f5ec10a4ae3bd273d5eaf94ae09b2a6a9211faed38184b3a46faac44d429258d2595b4568748c049e4babcf41375a169cc5147bc595e326d1459035ef94e58a8

  • SSDEEP

    12288:ZUG5TS6WSzRltqV2sLifBztVt1RHmQpZ74Uh67Hr56z6uWat/NJf/2cptkXgocEy:55TL9RK4sgzBbGQX7I

Score
9/10
credential_accessdiscoveryspywarestealer

Malware Config

Targets

    • Target

      6543e63e4e2b930538fa8a724c8d5940N.exe

    • Size

      653KB

    • MD5

      6543e63e4e2b930538fa8a724c8d5940

    • SHA1

      60edf4f62c169b983600e6267f06ec67df2ea264

    • SHA256

      537b724cbabb065a2e72b44c15555f2bcd8695994e5310771ee27d9917ff0c6e

    • SHA512

      f5ec10a4ae3bd273d5eaf94ae09b2a6a9211faed38184b3a46faac44d429258d2595b4568748c049e4babcf41375a169cc5147bc595e326d1459035ef94e58a8

    • SSDEEP

      12288:ZUG5TS6WSzRltqV2sLifBztVt1RHmQpZ74Uh67Hr56z6uWat/NJf/2cptkXgocEy:55TL9RK4sgzBbGQX7I

    Score
    9/10
    discoverycredential_accessspywarestealer

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

      credential_accessstealer

    • Loads dropped DLL

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks