General
-
Target
iltst.zip
-
Size
1006KB
-
Sample
241113-scl1zatfqc
-
MD5
326b7bbae46e8abe277e63095d9efe4f
-
SHA1
70b8d8ce804a8989eb74d3901331776d97bc5c35
-
SHA256
1d6f7584e8fc83a87851e579dc867c32792bcd329b7280bb100d9e0cba730b04
-
SHA512
48773399bbf25b2931abe25e333e3245f3c562738991130a008efaf328c48ec8870db4da298798e6c5e5d4feda7f5ed8f095d6bb4d634d26ec37c033e3e67957
-
SSDEEP
24576:5WlzeSSr2jN2T/9RrNrwPfdySQp+gZbAUfxEOOn6O4GLRzPw:AFyr2jNq9Rrody/+wbAjOOntq
Static task
static1
Behavioral task
behavioral1
Sample
TrustsFloors.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
TrustsFloors.exe
-
Size
5.0MB
-
MD5
fa336bf8da39c7038728337838c89549
-
SHA1
6fe9f7814e263b5586749890eec7d4476e152a19
-
SHA256
54c17aaa9120aced43dd39d40e08f6626cc295b715aff5975810faa62e7f3d3d
-
SHA512
d5652bb5b4dd051fbc746cdd54150c980bcea60aecedcc4e0dd1fdd96283f87a30ddc9592c53f6233028fc416d7b9d1bf979b3302bedffae4c695e962ed63326
-
SSDEEP
24576:Iq8TYKmZfHSrijNMJ/9R5D3OPlJySANE6ZbAsfxaOOncOSGLXTTN+:F8TDrijNO9R5kJyREabA7OOn9jU
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates processes with tasklist
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
2Credentials In Files
2