General
-
Target
1d40cd7f0476317f4a83db242d3cb567661e162c7e92381b6d3f0b3d16a74996
-
Size
1.5MB
-
Sample
220213-j8592shgcj
-
MD5
2a279404e38c647f665226869a6c90ce
-
SHA1
b0320df2bbba50db1bde9212649fa8cf7cba1b2a
-
SHA256
1d40cd7f0476317f4a83db242d3cb567661e162c7e92381b6d3f0b3d16a74996
-
SHA512
903cb84a260a25be6cc211ed04afbe168fc375030b6c186e9cf6d00dfbf2cd63bad6c5b09ea539bb4c3a402f7f31451543947fd46d97a5da3dd6cc90d5b65d64
Static task
static1
Behavioral task
behavioral1
Sample
1d40cd7f0476317f4a83db242d3cb567661e162c7e92381b6d3f0b3d16a74996.exe
Resource
win7-en-20211208
Malware Config
Targets
Target
1d40cd7f0476317f4a83db242d3cb567661e162c7e92381b6d3f0b3d16a74996
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-