General
-
Target
dogecoin-1.14.2-win64-setup-unsigned.exe
-
Size
14.0MB
-
Sample
210211-egde8gzfsa
-
MD5
96e508b44dc99be34e4c8b56dc2920b7
-
SHA1
64e59a435fb840fdcceefa1744b0f1b78bf56039
-
SHA256
dc8cd7efd1318b293c473fbe4ab5aac994e78b9e379aa03fb166cee352f06e28
-
SHA512
f0a44700f74ddda30f57021a9b481f15e93932d293e6fcd6a866da8eb4d966b53fe25de3a6e16d6c36aefa8cda0972e263eedac0383f2b6e866a98b275cae915
Static task
static1
Behavioral task
behavioral1
Sample
dogecoin-1.14.2-win64-setup-unsigned.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
dogecoin-1.14.2-win64-setup-unsigned.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
dogecoin-1.14.2-win64-setup-unsigned.exe
-
Score
8/10
-
Executes dropped EXE
-
Modifies WinLogon to allow AutoLogon
Enables rebooting of the machine without requiring login credentials.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates physical storage devices
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-