Overview

overview

10

Static

static

10

PASS 123/Cheat.exe

windows7-x64

7

PASS 123/Cheat.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cheat.zip

  • Size

    356KB

  • Sample

    240224-l6kxfage98

  • MD5

    74bb909c47065411d9242ce832e9ebd9

  • SHA1

    9a5a9a2c190e61f1633e9b79291bd58b6777558b

  • SHA256

    85c31f1352ed3c45f44de66f9b401656aa78fe1d6d1e04928f79e4a91940e62f

  • SHA512

    80ad4f0fcf35b9485556fd712c1f8a0bef409ae34350cf4b0f72010209b75ff6524a44bc511320a4ab3c2414583951824b105de3adc5f30812a59abb86d5d6fc

  • SSDEEP

    6144:lu7uoo/966bpCF2RtyYFM0w5Pl6W6aSYMJj3PK0zquM1E6NrJbZVC:lhoy96VF2W0oPUVYuKPus3VC

Score
10/10
pandastealerspywarestealer

Malware Config

Targets

    • Target

      PASS 123/Cheat.exe

    • Size

      632KB

    • MD5

      5e5b920da0202fcaea9b4ca3343e905a

    • SHA1

      f22b1b8cdf7ab8622b8b73436ecf79a05af60b13

    • SHA256

      36fb80d3f7ee60a1d1d1e9975177dab0885e792fe09b443d0a38f72f0f36aad3

    • SHA512

      dce1f9b57bf9f6aacc5d97e6ecc1f69e64be2a0b39f4d62982f2de9662186a0d9f8c9f679a2f57267dda2b2a0cf8bd75e60c6e371638c7cfa30f48d50df45940

    • SSDEEP

      12288:qu02MXY5M92Sc9Cf7g9CXC2dDUpqDJlrjKLUozRS8pnk5:quj4qM9299CTg9CXCqD/rjKQAnk5

    Score
    7/10
    spywarestealer

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

      spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

2
T1552

Credentials In Files

2
T1552.001

Discovery

Lateral Movement

Collection

Data from Local System

2
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks