General
Target: 1dd394baad84ec123553b0938a4299b8fd7c2b6ea0f1df67862c71d974cfbbb7
Size: 1.7MB
Sample: 220213-j811bshgbr
MD5: 88c56d1b9f5b47bacd90a713124b8b56
SHA1: f85847676f898fdb01c12e4ddf88cce1bc839087
SHA256: 1dd394baad84ec123553b0938a4299b8fd7c2b6ea0f1df67862c71d974cfbbb7
SHA512: d103b6bec2d718ae953b130c3edf72d38c6f980479a4df82f392d5c5677c767dc61694ea8a3b56244d5d20d7e2f52b72c17c186b6d05a420834e358e3147238a
Static task: static1
Behavioral task: behavioral1
Sample: 1dd394baad84ec123553b0938a4299b8fd7c2b6ea0f1df67862c71d974cfbbb7.exe
Resource: win7-en-20211208
Malware Config
Targets
Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.