General
Target: The_setup.exe
Size: 867KB
Sample: 220224-dtk3nsdbem
MD5: 35a250a35e555ead15bc8ff7ee0ea7c0
SHA1: 624475e7f6587228ba8d063459f156706a94b27a
SHA256: b1dc116552683116b461abae49a6fd122e850b184a9251cf69cb898d5f55785b
SHA512: d75346c7c8da783bc93528d6850fe1b8435f54e7c8b79cb1b6fcf4ca836690f0d85c3b250c71a55b70e5d4ae12372bad20346208113aee60640d446d122bc316
Static task: static1
Malware Config
Targets
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-