General
-
Target
fbfc9c06fc1d36d3cd5a40e213cf34daf37af387df633c7483773169ad19dd7a
-
Size
957KB
-
Sample
220215-e4gcxaaga6
-
MD5
8113407f7568148046887dbdd655e882
-
SHA1
9fbf9bff9436f1225ac9e1fa0918de0dd5d77db0
-
SHA256
fbfc9c06fc1d36d3cd5a40e213cf34daf37af387df633c7483773169ad19dd7a
-
SHA512
c0fef00069905b283c8796a814cf1d5872ed68e6e9615f1357c38463656714c31a7fca13ade4b1e2749c456f5b9db0a11115e394f3696b45bd6d6aef68f59361
Static task
static1
Behavioral task
behavioral1
Sample
fbfc9c06fc1d36d3cd5a40e213cf34daf37af387df633c7483773169ad19dd7a.exe
Resource
win7-en-20211208
Malware Config
Extracted
cryptbot
kelnob72.top
morwex07.top
-
payload_url
http://butfwo19.top/download.php?file=balkis.exe
Targets
-
-
Target
fbfc9c06fc1d36d3cd5a40e213cf34daf37af387df633c7483773169ad19dd7a
-
Size
957KB
-
MD5
8113407f7568148046887dbdd655e882
-
SHA1
9fbf9bff9436f1225ac9e1fa0918de0dd5d77db0
-
SHA256
fbfc9c06fc1d36d3cd5a40e213cf34daf37af387df633c7483773169ad19dd7a
-
SHA512
c0fef00069905b283c8796a814cf1d5872ed68e6e9615f1357c38463656714c31a7fca13ade4b1e2749c456f5b9db0a11115e394f3696b45bd6d6aef68f59361
-
Deletes itself
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-