General

  • Target

    reni-main.zip

  • Size

    16.4MB

  • Sample

    250414-rdnerayk14

  • MD5

    8c44ef63d0306f0bfb9da71caa68a2df

  • SHA1

    f22d5c8995eb471fac9b20365fc82afa483011ae

  • SHA256

    6625922f4bcb3d41341bf514f1e5a33b716f3cba336ff73859b454bcb86ada09

  • SHA512

    5a29d9db7e2786b50627e1c42f4013d8bc3fa26a168182c49f554735279e33c6e1afaef3b00db7fdb0da1ed5494b6db0f2c469ab1b6e3c98143feda2772cffae

  • SSDEEP

    393216:9j+CQE0xNJZEZwWUK7v5bo1HYkuyrZvH3p02re:9j+p3qZAK7poZUyN/yIe

Malware Config

Targets

    • Target

      Renicail/renicail_menu.exe

    • Size

      16.6MB

    • MD5

      1e242ecb3a0bd6a3bbb510cdf4b2250c

    • SHA1

      9bde576d012509aaf8e3febe6fe2a1ab21f6437d

    • SHA256

      cf6257d55f51e99a4f7a5cacd0a611dda670fcb38c7779fd32615efab2dcf824

    • SHA512

      b002270faaf5fd2065c973768353031b7f808af23949f0e1a03121b96c63b93a46ff4be735ebd3929f76f0ff2dfa29e765205c5e205d0990316591b6abc73414

    • SSDEEP

      393216:hu7L/pxgQ2aUX47d4arXsS8RzdChdjaK1:hCLBqQ2aUI7d4arXsS0KaK

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v16

Tasks
