Resubmissions

27-12-2024 19:16

241227-xyv8zsxrhz 8

27-12-2024 18:55

241227-xkxjwsxqfw 8

General

  • Target

    WaveCrackedOP.exe

  • Size

    39.6MB

  • Sample

    241227-xkxjwsxqfw

  • MD5

    17bf3222b14dbb2b9eba2fe9d5194dbd

  • SHA1

    9fcda114abaac3274d8a9c4a993fd8aaad95e170

  • SHA256

    dbfb2a2c4c136b5b2485dc226c576eae80b191173e90b8245880642dfaa570a5

  • SHA512

    250bf74f6584e9ed16999a4ffe74b648959ae47199770a216219fed5fb3e1125c51ca6f4109614e1351d558e3d049a2afce759b0b6a4d79f4828650cbcae93a0

  • SSDEEP

    786432:lhQQVl8ZrsEjyW88iwq3ObRqIW+e5R8t3orMxITX1blbAWQiwM9MQT25thym8uhl:DIgEjyWi3CRXW+eH8ghboE2Nyxuh0+
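Before trusting any behaviour listed below, confirm that the file on disk is the one this report describes. The following is an added example, not part of the report or the sandbox's own tooling: it streams the file once, computes all four digests the report lists, and compares them case-insensitively. The expected values are copied from the General section above; the file path is a command-line argument.

```python
import hashlib
import io
import sys

# Digests copied from the report's General section (lowercase hex).
REPORT_DIGESTS = {
    "md5": "17bf3222b14dbb2b9eba2fe9d5194dbd",
    "sha1": "9fcda114abaac3274d8a9c4a993fd8aaad95e170",
    "sha256": "dbfb2a2c4c136b5b2485dc226c576eae80b191173e90b8245880642dfaa570a5",
    "sha512": "250bf74f6584e9ed16999a4ffe74b648959ae47199770a216219fed5fb3e1125"
              "c51ca6f4109614e1351d558e3d049a2afce759b0b6a4d79f4828650cbcae93a0",
}


def digests_of_stream(stream, chunk_size=1 << 20):
    """Feed every chunk to all four hashers so a 39.6 MB sample is read once."""
    hashers = {name: hashlib.new(name) for name in REPORT_DIGESTS}
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digests_of_bytes(data):
    """Convenience wrapper for in-memory data (used by tests)."""
    return digests_of_stream(io.BytesIO(data))


def digests_of_file(path):
    with open(path, "rb") as f:
        return digests_of_stream(f)


def compare(actual, expected):
    """Per-algorithm match table; hex case is ignored so copy/paste casing does not matter."""
    return {name: actual.get(name, "").lower() == value.lower()
            for name, value in expected.items()}


def matches_report(actual, expected=REPORT_DIGESTS):
    """True only if every listed algorithm agrees; one mismatch means a different file."""
    return all(compare(actual, expected).values())


if __name__ == "__main__":
    result = digests_of_file(sys.argv[1])
    for name, ok in compare(result, REPORT_DIGESTS).items():
        print(f"{name:6} {'OK' if ok else 'MISMATCH'} {result[name]}")
    sys.exit(0 if matches_report(result) else 1)
```

Run it as `python verify_sample.py WaveCrackedOP.exe`; a non-zero exit means the file differs from the analysed sample. Do not rely on the MD5 line alone: MD5 collisions are practical, so a match is only meaningful when the SHA-256 (or SHA-512) value agrees as well.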

Malware Config

Targets

    • Target

      WaveCrackedOP.exe

    • Disables Task Manager via registry modification

    • Drops file in Drivers directory

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
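The six signatures above are generic heuristics, so it helps to see what each one actually keys on. The block below is an added example, not the sandbox's signature engine: it runs the same checks over a small stream of host events in a hypothetical flat schema (type, path or host, data) and correlates a file write with a later image load to reproduce the "Loads dropped DLL" verdict. The Task Manager check uses the standard `Policies\System\DisableTaskMgr` policy value; the report does not say which registry path or which IP lookup and hosting services the sample used, so the hostnames in `IP_LOOKUP_HOSTS` and `HOSTING_HOSTS` and the sample events are constructed for illustration only.

```python
import re
from collections import defaultdict

# Registry policy value that hides Task Manager (well-known policy; the exact hive the sample used is not in the report).
TASKMGR_POLICY = re.compile(r"\\Policies\\System\\DisableTaskMgr$", re.IGNORECASE)
DRIVERS_DIR = re.compile(r"\\Windows\\System32\\drivers\\", re.IGNORECASE)
# Browser credential/cookie stores commonly read by infostealers.
BROWSER_STORES = re.compile(
    r"\\(Login Data|Cookies|Web Data|logins\.json|key4\.db|cookies\.sqlite)$", re.IGNORECASE)
# Assumed example hostnames; the report names neither the IP lookup nor the hosting service.
IP_LOOKUP_HOSTS = {"api.ipify.org", "ip-api.com", "icanhazip.com", "ifconfig.me"}
HOSTING_HOSTS = {"pastebin.com", "cdn.discordapp.com", "raw.githubusercontent.com"}


def classify(events):
    """Return {signature_name: [evidence, ...]} for every behaviour the events match."""
    hits = defaultdict(list)
    dropped = set()  # paths written by the process; a later load of one is a dropped DLL
    for ev in events:
        kind = ev["type"]
        path = ev.get("path", "")
        if kind == "reg_set" and TASKMGR_POLICY.search(path) and str(ev.get("data")) == "1":
            hits["Disables Task Manager via registry modification"].append(path)
        elif kind == "file_write":
            dropped.add(path.lower())
            if DRIVERS_DIR.search(path):
                hits["Drops file in Drivers directory"].append(path)
        elif kind == "load_dll" and path.lower() in dropped:
            hits["Loads dropped DLL"].append(path)
        elif kind == "file_read" and BROWSER_STORES.search(path):
            hits["Reads user/profile data of web browsers"].append(path)
        elif kind == "dns":
            host = ev["host"].lower()
            if host in IP_LOOKUP_HOSTS:
                hits["Looks up external IP address via web service"].append(host)
            elif host in HOSTING_HOSTS:
                # A single lookup of a public hosting site is weak evidence on its own;
                # sandboxes raise it as a heuristic, so treat it as a lead, not proof of C2.
                hits["Legitimate hosting services abused for malware hosting/C2"].append(host)
    return dict(hits)


# Constructed event trace for this example; it is not the sample's real sandbox output.
SAMPLE_EVENTS = [
    {"type": "reg_set", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr", "data": "1"},
    {"type": "file_write", "path": r"C:\Windows\System32\drivers\etc\hosts"},
    {"type": "file_write", "path": r"C:\Users\user\AppData\Local\Temp\helper.dll"},
    {"type": "load_dll", "path": r"C:\Users\user\AppData\Local\Temp\helper.dll"},
    {"type": "load_dll", "path": r"C:\Windows\System32\kernel32.dll"},
    {"type": "file_read", "path": r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"type": "dns", "host": "api.ipify.org"},
    {"type": "dns", "host": "pastebin.com"},
]

if __name__ == "__main__":
    for name, evidence in classify(SAMPLE_EVENTS).items():
        print(f"{name}: {evidence}")
```

The dropped-DLL rule is the only stateful one: it needs the write and the load in the same trace, which is why a host-based rule should correlate on process and path rather than alert on either event alone. The `load_dll` of `kernel32.dll` in the constructed trace is there to show that loading an un-dropped image produces no hit.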

MITRE ATT&CK Enterprise v15

Tasks