General
Target: b64a9bf135a0c7edc4a02c04b532d4ba.exe
Size: 562KB
Sample: 210421-6pg5xvfy26
MD5: b64a9bf135a0c7edc4a02c04b532d4ba
SHA1: a0f68dac327a135e00e1087582a46efd796c4983
SHA256: aac55c1eebf403b1c8db9eed2812e6a84d95f4321738bd09bb4fd6630db94b96
SHA512: d80fdeb00deb19478368fe51f2b56c8a689317b65b75b8d9061ff4295afef5a7941ec3dda200b9e7a68d20bef16ec0d5a8ca194b846f716824949523abfd2465
Static task: static1
Behavioral task: behavioral1
Sample: b64a9bf135a0c7edc4a02c04b532d4ba.exe
Resource: win7v20210408
Malware Config
Targets
Downloads MZ/PE file
Deletes itself
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.