General
Target: 373c28b9c759d5421a44cd74989e8d625eacdd025d6372c280f848ac8c12ab12
Size: 906KB
Sample: 210926-vnyj9afagr
MD5: b068a113e30c128a44db6d5241391b73
SHA1: 5ded3d5d3ca89c8920c9563c9ba3ab41d576ef90
SHA256: 373c28b9c759d5421a44cd74989e8d625eacdd025d6372c280f848ac8c12ab12
SHA512: 31efbcf6beff8c17935ee91e50a298af6c1a74614e6efe9b9723148698df2f9731fcb97e2b05319fa5763370708fde5a8558fa251db13357ee6732d13016ebc7
Static task
static1
Malware Config
Targets
Target: 373c28b9c759d5421a44cd74989e8d625eacdd025d6372c280f848ac8c12ab12
Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Suspicious use of NtSetInformationThreadHideFromDebugger