General

Target: 9ff7923de3f164579964eab7e8f6e23a8ed18c488a862a504a23ef14281198de.zip
Size: 1.3MB
Sample: 210415-yp6kc7nfva
MD5: 9bd9a0db11cf1dcd9df94fb46eee6cc9
SHA1: a0a04bd658fe4cf7bce338c97f589d5ce14552da
SHA256: 4feb2d9a3efc72a6516f42131cbea4410ab599cfc82c2d381c2ff73f41b8fc05
SHA512: 3272ed146153260d27d8199a5026709cc229250df9711c224aaac0aa11969cf6733b24f85cfa4877697c0a5fc8aaa969259e8fd53d4d5621acc18995647306bd

Static task: static1

Behavioral task: behavioral1
Sample: 9ff7923de3f164579964eab7e8f6e23a8ed18c488a862a504a23ef14281198de.exe
Resource: win7v20210410

Malware Config

Targets

Target: 9ff7923de3f164579964eab7e8f6e23a8ed18c488a862a504a23ef14281198de
Size: 1.5MB
MD5: a812b477526d412e6d89d9733b935406
SHA1: dada6f2fde5f1679665625dfba529f0c13c1d1d5
SHA256: 9ff7923de3f164579964eab7e8f6e23a8ed18c488a862a504a23ef14281198de
SHA512: 2cd838e2d5a2c7ca6f4bfe6f2035084276677f526cab0194dd3b45007d8d0453528f8ded130dbd3484b751f76221f54c2c8866c137ddd44ae2096e3abefe0cff

Behaviors observed:
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext