General

  • Target

    NoisettesBlueprintsVIRUS.zip

  • Size

    474.4MB

  • Sample

    250320-zm7trasly2

  • MD5

    569971e847ad06827455234c0710d58a

  • SHA1

    f0840246b670f1350c05e08ef1d087eea51768e7

  • SHA256

    02555e6930fbca221da38d58f13af54c670d3c468545897bdde90aba12e8df9a

  • SHA512

    3c8cd6d6c383297881b142e049790396ab25e513bfe197a30d515f0824f29b97d4b12b55ace910b47b82fc77e5ef3b182dce8f43edb3a8a96c33889d63e38759

  • SSDEEP

    6291456:fDiCSrOOUFdGfLwCUEVb4Cd0s2tH4JfjTzXB+es8qfS3q4x88DEU+G9Ayg+SnNBb:fDiDOyU+Mc0IfjPX9gKaewUlCb7

Malware Config

Targets

    • Target

      NoisettesBlueprints/NoisettesBlueprints.exe

    • Size

      7.1MB

    • MD5

      9f4c52e45f7560f487c0e9ec9354de34

    • SHA1

      cb909a9e5a73f23eac7d25c5c2aac39460ae8bfc

    • SHA256

      749823c7086831751302abc32b7d0bda2e916693db549d8534c5cf441569aecf

    • SHA512

      01792abc842531c3be995059959c41781f5849b9ed7256b98e2e503765bc27424a1182afc044f4cdad2172a5fc77123917f45e955f3c034eaeb6e7eba88f529f

    • SSDEEP

      196608:RCT+aj1rpnrJehwiIbZg4TIdQNm5XKCt7olJad0+:RCT+aoqbCdQyftQJad0+

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks