General
Target: 0EA36781A2DC764A8B7873C07F133DD8.exe
Size: 596KB
Sample: 210420-v2h2l7vs26
MD5: 0ea36781a2dc764a8b7873c07f133dd8
SHA1: 14c9a912ecc8b062e795e4eac50dd17ae2633001
SHA256: 217db78c9cc58c32d0929a4814584bed2d51769697370e173402bef9fe1d9f05
SHA512: 2714ba9fcb6047cde610d3a3478295311c18460c7330a3dde636f1595aac58be17110a6e5ab57811ef0a71956384c5857f3fd0f54eac9af7431a56a12738b885
Static task: static1
Behavioral task: behavioral1
Sample: 0EA36781A2DC764A8B7873C07F133DD8.exe
Resource: win7v20210408
Malware Config
Targets
Target: 0EA36781A2DC764A8B7873C07F133DD8.exe
- Downloads MZ/PE file
- Deletes itself
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.