General
-
Target
1f16d3bbd1695dbc299d9a473f1356b7.exe
-
Size
633KB
-
Sample
210507-m7l82zvd8j
-
MD5
1f16d3bbd1695dbc299d9a473f1356b7
-
SHA1
23e15a37b6968f79d43125f92c6e75b56f1e2123
-
SHA256
545614bf6569f8cedfc491801a3d59121521bc0d1ecb3a72d34588598b6d74bb
-
SHA512
4e7cba2555037470b420fcb93e643ff1c7647b996438c5da9c28103af251033b93ae556c4806e1f281ee08bf46ede88ed74fe34f06287b6e79628e19b64cb477
Static task
static1
Behavioral task
behavioral1
Sample
1f16d3bbd1695dbc299d9a473f1356b7.exe
Resource
win7v20210408
Malware Config
Targets
-
Downloads MZ/PE file
-
Deletes itself
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.