General
Target: 19869442691.zip
Size: 1.5MB
Sample: 241113-rtxncsxjcl
MD5: 50f75c0e998b4b5e862a8eafb0d48c21
SHA1: 05f987bdfb8bf6fe71d185c93fc6792cb4fc6126
SHA256: fd26f76a15c5fabf943fab36a9dafa7f7cf8e1b6ba7df9e8f1a8c32a66a02144
SHA512: 5f3271d643939f65e60d8550bdbf884ecea6ea87212cfc37eacd0202dda4a8d2bc1691ba96df7de6ba96229344547ae465f5afa250cd42c2e0877d23184b06cf
SSDEEP: 49152:dngWVP7aaSyaXK/jwck8mnDTSxBT2G/2aNv0e:OWtOyaXKbdk8mKB2aGe

Static task: static1
Behavioral task: behavioral1
Sample: ef076834e4ea6c21f03c61039adfaaa7cb2628c84a490e90146f15283281b7d5.exe
Resource: win10v2004-20241007-en

Malware Config

Targets
Target: ef076834e4ea6c21f03c61039adfaaa7cb2628c84a490e90146f15283281b7d5
Size: 2.7MB
MD5: 3a4bbfa7a1cc6fba3a9f9943a7bc7539
SHA1: bd55e8ffcd508e62070a5bf43d678863dd4696cc
SHA256: ef076834e4ea6c21f03c61039adfaaa7cb2628c84a490e90146f15283281b7d5
SHA512: 0a6b76d924ebe9e413fc7c6df1fcaeee7e337244200b42e995909fc4778d6f99081721acc60ab00613570541fbfccb0ac578456ad122a2a7ec698dee36459352
SSDEEP: 49152:dt0WJo6iw2+BCBhyGDz7cep+/Cz3ddQn0xIpxg2Wv9SJu3DH3FrzWZH3FrzWe:gQi2E9KidQn0xIpxg2Wv9D3FrCl3FrCe

- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
Credential Access
- Credentials from Password Stores (1)
- Credentials from Web Browsers (1)
- Unsecured Credentials (2)
- Credentials In Files (2)