General

  • Target: Wave.exe
  • Size: 29.2MB
  • Sample: 240909-zkpkds1ema
  • MD5: 53f62792c95ea15ad277bbbd476c4d2b
  • SHA1: 2932b860b79ec5ec696d106e10a9fb3ec1579d0a
  • SHA256: 40ceed725ff1b1a362975b294f164d085d230d79b793ab4309b6d11d365e4160
  • SHA512: 8f0b4cc0d594e5cabef793d9753d5497db877b81841c859fffdc431dab582c2f288f5216ec56529c5b3b8ca9fdbb572ab78b8de20a15cc0f87a9f7686e32e02b
  • SSDEEP: 786432:p9N7BdbBQJbTiumfSM2ocESWqE9XZ6+eRyfrchLoF:/Ntd6xTivfSIfqi9rchoF

Score
7/10

Malware Config

Targets

    • Target: Wave.exe

    Score
    7/10
    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks