General
Target: 688c52dfa4d352f0889d57c0ae8ce6f0.exe
Size: 561KB
Sample: 210421-c2s9s9wy76
MD5: 688c52dfa4d352f0889d57c0ae8ce6f0
SHA1: da1effc64d993b9944a5439c45ff126b35339852
SHA256: ef8005272329b2b0185a50722611c97629694f2a4c7d5ab68e77b7506f708138
SHA512: 1ff821ea495b7bb8cfff7e3e0e4b80069330558f3d572c5ea23dfaf799fc96cde2929364fe2d8f9758a2a30a2d67108a544135602b1fdae444e0ff39176bdc41
Static task: static1
Behavioral task: behavioral1
Sample: 688c52dfa4d352f0889d57c0ae8ce6f0.exe
Resource: win7v20210410
Malware Config
Targets
- Downloads MZ/PE file
- Deletes itself
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.