General
Target: impact-cleaner.v1.45.exe
Size: 26.9MB
Sample: 241111-22r3ysxqdv
MD5: 82b9535ffdfbec5de5222c88b59967d7
SHA1: afede90b95cd41b5b4dee44d7fb4d59994bb9b63
SHA256: a1519e208360a7dc1c6c9c94c1aa989040094ac6a7bd4998125f162c8de17127
SHA512: f8332915036a14d23a6194c23a86494e21fd144f902386c42e1339ba9c3b156f13a71d33232b6aed544b1a40bdc932993151e617defc6611b7407bd166facc2b
SSDEEP: 786432:qn8ml6kKFfBr7hXz5I6D/jESWqE6nS48dMNt:M8mfKFJrVD5ZEqhj8ONt
Static task: static1
Behavioral task: behavioral1
  Sample: impact-cleaner.v1.45.exe
  Resource: win10v2004-20241007-en
Behavioral task: behavioral2
  Sample: loader-o.pyc
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: impact-cleaner.v1.45.exe
Size: 26.9MB
MD5: 82b9535ffdfbec5de5222c88b59967d7
SHA1: afede90b95cd41b5b4dee44d7fb4d59994bb9b63
SHA256: a1519e208360a7dc1c6c9c94c1aa989040094ac6a7bd4998125f162c8de17127
SHA512: f8332915036a14d23a6194c23a86494e21fd144f902386c42e1339ba9c3b156f13a71d33232b6aed544b1a40bdc932993151e617defc6611b7407bd166facc2b
SSDEEP: 786432:qn8ml6kKFfBr7hXz5I6D/jESWqE6nS48dMNt:M8mfKFJrVD5ZEqhj8ONt
- ACProtect 1.3x - 1.4x DLL software: Detects file using ACProtect software.
- Loads dropped DLL
- Unsecured Credentials: Credentials In Files: Steal credentials from unsecured files.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Target: loader-o.pyc
Size: 270KB
MD5: 34d8bbde7271fca8cc9e6217552e81df
SHA1: d87d6937e4800e4ada54a7bb55a5d1af97b40f20
SHA256: 90c72b734fa8686536b8035a5d8ab79f3f12a78f406c8c4b79ba9799df65dd38
SHA512: fcaea44d0a16b2131a8481752bcf144d554634c55d9561a32359be7c305695f9e17e15463550591953b6537ce7a7a177ef9d42511f5d6af8c11a49ca0bffdd00
SSDEEP: 1536:10+Euo40iC27aP/mMOtmsxhAUMFrM9CsaPzorucGNs3oCAmouIUsXFRzDsWm4xPQ:10+EranvZjBMkHCNcc0p8+dn
Score: 3/10
MITRE ATT&CK Enterprise v15
Credential Access
- Credentials from Password Stores (1)
  - Credentials from Web Browsers (1)
- Unsecured Credentials (3)
  - Credentials In Files (3)