General
-
Target
15faf66c3c88a87c8998b1d8f0cc85a4790937807758072659e68660038fd97c
-
Size
2.4MB
-
Sample
220213-j9wf8shgcn
-
MD5
6b50e9da2ccff3ec3116cc212f788da9
-
SHA1
9497caed8d0594fcddfbd77f61d1723a073df411
-
SHA256
15faf66c3c88a87c8998b1d8f0cc85a4790937807758072659e68660038fd97c
-
SHA512
9026edddaf3b648fe110f7c601f40e7c13ffb87bf127328cbaaba6cd6f919f35e83a0f59c56c0d92e7f5398bba19ac9a81f1e704f03974cbfbeccead9d9ff494
Static task
static1
Behavioral task
behavioral1
Sample
15faf66c3c88a87c8998b1d8f0cc85a4790937807758072659e68660038fd97c.exe
Resource
win7-en-20211208
Malware Config
Targets
-
-
Target
15faf66c3c88a87c8998b1d8f0cc85a4790937807758072659e68660038fd97c
-
Size
2.4MB
-
MD5
6b50e9da2ccff3ec3116cc212f788da9
-
SHA1
9497caed8d0594fcddfbd77f61d1723a073df411
-
SHA256
15faf66c3c88a87c8998b1d8f0cc85a4790937807758072659e68660038fd97c
-
SHA512
9026edddaf3b648fe110f7c601f40e7c13ffb87bf127328cbaaba6cd6f919f35e83a0f59c56c0d92e7f5398bba19ac9a81f1e704f03974cbfbeccead9d9ff494
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-