General
Target: 6540419386212352.zip
Size: 29.8MB
Sample: 211115-1kc22abef6
MD5: fb5bfc30eb05343685dc6fb024154da0
SHA1: 417412a4a831df75f95c53b0aa6d10de2054cc8e
SHA256: dabc7f8670116f83ff2e2e3be23bbaa8f8c238006e209ed344218e529a130d44
SHA512: dc660c62d7403c8214a5e580fe2db36f6802b9b4048c6f31a7bf4c5d56d7a1f9f46190eb5c33fde2da2746ce19fb80f0673651469ec62654c3296f29f3ecc62c
Static task: static1
Behavioral task: behavioral1
Sample: 77bee09a3541dba878366b1c93835ebbfb316ab0b4487eb9b5f15eaa4c1277c3.exe
Resource: win7-en-20211104
Behavioral task: behavioral2
Sample: 77bee09a3541dba878366b1c93835ebbfb316ab0b4487eb9b5f15eaa4c1277c3.exe
Resource: win10-en-20211014
Malware Config
Extracted
oski
projectblackhat.com
Targets
Target: 77bee09a3541dba878366b1c93835ebbfb316ab0b4487eb9b5f15eaa4c1277c3
Size: 29.8MB
MD5: f24c1c3b8d39e6e7a6d765c6ef69f8fd
SHA1: c3aba9eeeaa4b4ddadea83a6327826e81187d222
SHA256: 77bee09a3541dba878366b1c93835ebbfb316ab0b4487eb9b5f15eaa4c1277c3
SHA512: c4102d32a2232d8d5844b080cf75c51419c5f276a33cc9cc1c707796ddfc0a670cffb07d494a0641a102a3fdd4f74424105eebec6ad9bf70ea4a3955fc89bb6f
Score: 10/10
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.