General
-
Target
f16983211fa24cd3183dfee8fae7828381e9a49f90af8c69eb121f505566289d
-
Size
311KB
-
Sample
240428-kyppzscd5z
-
MD5
1fef036f016845e04ac3e1972726487b
-
SHA1
f366798d5dfa8223b16b5d45af8ba6011305f731
-
SHA256
f16983211fa24cd3183dfee8fae7828381e9a49f90af8c69eb121f505566289d
-
SHA512
d28cecdc24ff1509245184ea0270ac4dee65d3ba462670ad8b078e001bcf2d78518d453b89d288be7212bd3c1b4b1db0ff586fe03493bf0bc0df29dcc3256105
-
SSDEEP
3072:81EtfkRpO1weZ7BpH+10+M3cxmtUYYQqjUhUO0tXCYAa6nMipSujcgMS2jUHEca7:2oZpl88UYYtYhH0F2acigMtj8Eca1d
Static task
static1
Behavioral task
behavioral1
Sample
f16983211fa24cd3183dfee8fae7828381e9a49f90af8c69eb121f505566289d.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
stealc
http://185.172.128.76
-
url_path
/8681490a59ad0e34.php
Targets
-
Target
f16983211fa24cd3183dfee8fae7828381e9a49f90af8c69eb121f505566289d
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-