General
- Target: 9b39aa3c723c2eef7e7e39f89443d3aa.exe
- Size: 636KB
- Sample: 210423-pzk33nz88a
- MD5: 9b39aa3c723c2eef7e7e39f89443d3aa
- SHA1: 359dbd9cdf30fa03c154487f4ccd537f372c492c
- SHA256: c885cbcd6ec66d984d6137a5cd9b60474760719bad20bf2593e4db3cb3f29244
- SHA512: 8d6c090976bddb5924b267bb6e07b1330ac864bcd17c3d0ca02c861d7702d08245db1f7d6e4efc7c8af9e0609cd41ee6ba8ae10e1d78060d55a619b02b3d33db
Static task
static1
Behavioral task
behavioral1
Sample
9b39aa3c723c2eef7e7e39f89443d3aa.exe
Resource
win7v20210408
Malware Config
Targets
- Target: 9b39aa3c723c2eef7e7e39f89443d3aa.exe
- Downloads MZ/PE file
- Deletes itself
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.