General
Target: e38724644ed4643ebcdea6b0ae8345bf094d9f6e6d81b0acb244f96a3129077e
Size: 472KB
Sample: 220201-dvs5nsfhdj
MD5: 1d89655e3611bb3ea501f60433beca36
SHA1: 4426a01bbf8c6670fb884ea6ed87923ccbcd025c
SHA256: e38724644ed4643ebcdea6b0ae8345bf094d9f6e6d81b0acb244f96a3129077e
SHA512: 4901c78e7385c6fac493cbf8e09a7f2a98fe7cac62dc31c68e51954f9fd8b3afc5a0e3303701c64db8acd9d532661cc238a5d9a88916d6c1b6f9042a16335021
Static task: static1
Behavioral task: behavioral1
Sample: e38724644ed4643ebcdea6b0ae8345bf094d9f6e6d81b0acb244f96a3129077e.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: e38724644ed4643ebcdea6b0ae8345bf094d9f6e6d81b0acb244f96a3129077e.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: e38724644ed4643ebcdea6b0ae8345bf094d9f6e6d81b0acb244f96a3129077e
Arcane log file: Detects a log file produced by the Arcane Stealer.
Executes dropped EXE
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting