9770fde1f1e7fd98bedf06daa29c7451f52ad1719a0d606343846c73b34e8218 | Triage

Sharing

General

Target

9770fde1f1e7fd98bedf06daa29c7451f52ad1719a0d606343846c73b34e8218
Size

1.5MB
Sample

241121-l73tms1mc1
MD5

8e20ba2f6b7499d6b04745bd9310bc16
SHA1

8dd4d09c7c26a0922db8779598f5124468130017
SHA256

9770fde1f1e7fd98bedf06daa29c7451f52ad1719a0d606343846c73b34e8218
SHA512

66328775ef65b180300a0509dad7851bdf371210e8c8787050c47b55f2018ae16372b0ad8f5ac4019c53d2332d7e46789d3d601ae56249db69800531b5f38742
SSDEEP

24576:ffmMv6Ckr7Mny5QLvoU2lGCz1RJeW8wt9QKrgjiBrgYSenVtAjXzd06v8P:f3v+7/5QLvovlJewtBrgYDcXPv0

Score

6^/10

discovery spyware

Malware Config

Targets

- Target
  
  9770fde1f1e7fd98bedf06daa29c7451f52ad1719a0d606343846c73b34e8218
- Size
  
  1.5MB
- MD5
  
  8e20ba2f6b7499d6b04745bd9310bc16
- SHA1
  
  8dd4d09c7c26a0922db8779598f5124468130017
- SHA256
  
  9770fde1f1e7fd98bedf06daa29c7451f52ad1719a0d606343846c73b34e8218
- SHA512
  
  66328775ef65b180300a0509dad7851bdf371210e8c8787050c47b55f2018ae16372b0ad8f5ac4019c53d2332d7e46789d3d601ae56249db69800531b5f38742
- SSDEEP
  
  24576:ffmMv6Ckr7Mny5QLvoU2lGCz1RJeW8wt9QKrgjiBrgYSenVtAjXzd06v8P:f3v+7/5QLvovlJewtBrgYDcXPv0
Score

6^/10

discovery spyware
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspyware

behavioral2

discoveryspyware