General
-
Target
Loader.exe
-
Size
13.3MB
-
Sample
241223-16wfhatjcs
-
MD5
94789f7b0275dd8b29e39c74ebf5b454
-
SHA1
9bf5b2199499d60b4c8e789334b018de5e1be4f4
-
SHA256
a457b28616c4cce4e208da74f9712c1f12224db01ed17a4d18397b320f86407e
-
SHA512
69b892d81f46bc6474e6a9aaa4200b9b3d5838ba66e1df27d10eda63b96f742a358f51e4d2bd5772db5bbc4cac059693ccaf58b41b4e40a06dc6be5a7786c72e
-
SSDEEP
393216:nep9/LJB+kOGzEdf4Hf+apJbr/Fqyf0gsfNRqRjxgK2:nCT+7jAHhpJbr4vfHWVgK2
Behavioral task
behavioral1
Sample
Loader.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
Loader.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Loader.exe
-
Size
13.3MB
-
MD5
94789f7b0275dd8b29e39c74ebf5b454
-
SHA1
9bf5b2199499d60b4c8e789334b018de5e1be4f4
-
SHA256
a457b28616c4cce4e208da74f9712c1f12224db01ed17a4d18397b320f86407e
-
SHA512
69b892d81f46bc6474e6a9aaa4200b9b3d5838ba66e1df27d10eda63b96f742a358f51e4d2bd5772db5bbc4cac059693ccaf58b41b4e40a06dc6be5a7786c72e
-
SSDEEP
393216:nep9/LJB+kOGzEdf4Hf+apJbr/Fqyf0gsfNRqRjxgK2:nCT+7jAHhpJbr4vfHWVgK2
-
Drops file in Drivers directory
-
Clipboard Data
Adversaries may collect data stored in the clipboard from users copying information within or between applications.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Obfuscated Files or Information: Command Obfuscation
Adversaries may obfuscate content during command execution to impede detection.
-
Enumerates processes with tasklist
-
Hide Artifacts: Hidden Files and Directories
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Obfuscated Files or Information
1Command Obfuscation
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
3Credentials In Files
3