General
Target: 9d7fffbbea893e5ad1257530460a175b.exe
Size: 562KB
Sample: 210421-717qgycwra
MD5: 9d7fffbbea893e5ad1257530460a175b
SHA1: 5c79bac83d810d353fdc7befe6f1c6269e3ed8d5
SHA256: 034e1739b306d259b4cff7a3954200468ea2577f716c10346f3e7f86cd5b4ad7
SHA512: ec48696cae653313989e17731bfcbd07db7ef5d5a7d7cf794cb3d23649ede02b47edb58a65666dacff391fcdfb50313bc491268b402bd9a7c2e3c975d7805128
Static task: static1
Behavioral task: behavioral1
Sample: 9d7fffbbea893e5ad1257530460a175b.exe
Resource: win7v20210408
Malware Config
Targets
Target: 9d7fffbbea893e5ad1257530460a175b.exe
- Downloads MZ/PE file
- Deletes itself
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system. Looks up Uninstall key entries in the registry to enumerate software on the system.