General
Target: TrueImageMonitor.exe.zip
Size: 12.0MB
Sample: 241011-l96cjssfkp
MD5: 1349e5fa010fe4e557cc6197d481f8c4
SHA1: 40bb0d6409c53366f60e8e76e05a51c4ac626e29
SHA256: 6d28395c39fbed6ab3ad6de927dd4944bd4d2f1eb325d9c0ff3241dfc3e2fa70
SHA512: c3577d4c4b63aa98ec1136aa9563b177cceed28456a19536609774cd2656546107999598acd168b7fab235f34f2c13ce8502a778334c61af2065c2dacdb7190c
SSDEEP: 196608:KIFgiHycRriczS56Bjs+U1IyI8h5wa0Hi7ePXTNaE/DWmmIlNJEOsuFC:KUg24N5sF8jw5iK/JaEZm0NlM
Static task: static1
Behavioral task: behavioral1
Sample: TrueImageMonitor.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: TrueImageMonitor.exe
Size: 17.7MB
MD5: af7fc426bf2ee1d801a8180e31139dc1
SHA1: 8b26d7e11be00149ea6a1c0a56a77f062b5ce432
SHA256: d2c7e32fb7cf7b97421dae75889afc0d8438b0cbbe6d608775751591a10d40c0
SHA512: c8f13f427e82c75f7c9dffe7b1716bb87f676d10dbb3249d940a4d30e5a22c292ab8837f59b14a89e5391b4cbb5ad7e37d0b4ec19aeb9665ef5eb90dd65d6c19
SSDEEP: 393216:qKx81sE0EZgkLKNihH+MUoczZPm7TK0YfJW6HKDaFuK0qIxewV3kowTJUKlL70K9:iqczYfsBtUwV3kowTnL70KfdltFTqTl8
- SectopRAT payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext