General
Target: CDC95F7C10CC944D1B9C48F551CAD3E0.exe
Size: 3.6MB
Sample: 210419-wp6lbjma5a
MD5: cdc95f7c10cc944d1b9c48f551cad3e0
SHA1: a93020433248c8e34b104922a0e0667609c700db
SHA256: a0ac775ecbfa0ab3218e32b09a0d4fdcd82e7ceaa31241dc106c4fc77e9b5ddb
SHA512: bec7720af3a62ca4c6ae0cca1d009ba497f8e4452a68c64a9312784677fe26863434d89d17ec059ae0b887c0d0e1efc4fa91120ab33369879b1d68e2459dda02
Static task
static1
Behavioral task
behavioral1
Sample
CDC95F7C10CC944D1B9C48F551CAD3E0.exe
Resource
win7v20210408
Malware Config
Targets
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext