General
-
Target
07f3c859e53fecceef8cd392986569afba36c469a3c1ed83183392685d13eb87
-
Size
2.5MB
-
Sample
220213-ka38gafgh9
-
MD5
06a0a64600670d22fef72a35ede63383
-
SHA1
51bcb42d5f5f658e8af5f3fd54938c8495868c3f
-
SHA256
07f3c859e53fecceef8cd392986569afba36c469a3c1ed83183392685d13eb87
-
SHA512
c2c4f651ff9206d7db1b1b1d92a1e92fdcae8a76a44035958f133fa42d9ddde3a30135d9ee1e223faa0c28ea2248d4797d08992026ddf854ac6ffa3b88bb2d4d
Static task
static1
Behavioral task
behavioral1
Sample
07f3c859e53fecceef8cd392986569afba36c469a3c1ed83183392685d13eb87.exe
Resource
win7-en-20211208
Malware Config
Targets
-
-
Target
07f3c859e53fecceef8cd392986569afba36c469a3c1ed83183392685d13eb87
-
Size
2.5MB
-
MD5
06a0a64600670d22fef72a35ede63383
-
SHA1
51bcb42d5f5f658e8af5f3fd54938c8495868c3f
-
SHA256
07f3c859e53fecceef8cd392986569afba36c469a3c1ed83183392685d13eb87
-
SHA512
c2c4f651ff9206d7db1b1b1d92a1e92fdcae8a76a44035958f133fa42d9ddde3a30135d9ee1e223faa0c28ea2248d4797d08992026ddf854ac6ffa3b88bb2d4d
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-