General
Target: 6635fb0d8619a28254c14f16c8f52bc3.exe
Size: 636KB
Sample: 210423-s3bvlxm7bs
MD5: 6635fb0d8619a28254c14f16c8f52bc3
SHA1: dcfefcf3d063323a50458ce2b375d1bdf900ac98
SHA256: a0f86b221315031395511a0f54f29a14af07426c325a17c655bdca52e446e61c
SHA512: a2aa7feb634259ffc207dbd20a9d0b6ac7f20f0e9a73e19b0eea69d3e2986ed32a15be4a6cc43f292c91b0e09dce1277ccf214e8bd2cde86611c8acf0ad1db5e
Static task: static1
Behavioral task: behavioral1
Sample: 6635fb0d8619a28254c14f16c8f52bc3.exe
Resource: win7v20210410
Malware Config
Targets
Target: 6635fb0d8619a28254c14f16c8f52bc3.exe
- Downloads MZ/PE file
- Deletes itself
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.