General
Target: 830bf0e8eec431d503aaaea6610b07b8.exe
Size: 562KB
Sample: 210421-3lfg6m2s5s
MD5: 830bf0e8eec431d503aaaea6610b07b8
SHA1: 4aeb762c22d5021f84f58a6dd8c15a45b356631e
SHA256: ed6ad746aa432e0e2a0981b996869bd86349697f3850930d195bac3c360e3df8
SHA512: 865d9451d0c4810f6f9b267452aa2dea71b02be416fa4ec099918427f28c3641d25941330358a605cc4f406ceb4e784ff61f8e3b6c85f71252aed37ce8a25b3d
Static task: static1
Behavioral task: behavioral1
Sample: 830bf0e8eec431d503aaaea6610b07b8.exe
Resource: win7v20210408
Malware Config
Targets
Target: 830bf0e8eec431d503aaaea6610b07b8.exe
- Downloads MZ/PE file
- Deletes itself
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.