General
Target: 720ae9355ab33d0a10059da07c7af1722b5c53daa94950e8d5f01ba330951efb
Size: 367KB
Sample: 211022-gjmejabbf7
MD5: d5f8480363477af877a9de9571311223
SHA1: fbee6ef8225637951bdb39f68a91701ba4d4d684
SHA256: 720ae9355ab33d0a10059da07c7af1722b5c53daa94950e8d5f01ba330951efb
SHA512: 43757b463f1217e2709ba6878b52923c24a475a4622018a0673e6c897a98a441696c3a8f5f4bf8e5485e679669d4d81169ff1e77887bc29da24c90783a49b325
Static task
static1
Malware Config
Extracted
cryptbot
veogmc52.top
mornoi05.top
payload_url: http://tynwyl15.top/download.php?file=penwa.exe
Targets
Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.