General
-
Target
Main__Setup.exe
-
Size
750.0MB
-
Sample
220307-x8bbkafgb4
-
MD5
195fdd6d2f23421e125c83596132a528
-
SHA1
9ee85d98aa7e571f4f9a47d2e6158ea2ed503471
-
SHA256
a1e6e556f5dc089cc77b6f71dbe5b4d2cd47167aca3d044024496275403815b8
-
SHA512
5a505b742373006257b9ebc952bade4183bc8a11d5941626e7afeb91bbc0a1142e4b83a8c885783a9c41b7be9040a246382032974e2091bf17d52bf80577e808
Static task
static1
Behavioral task
behavioral1
Sample
Main__Setup.exe
Resource
win7-en-20211208
Malware Config
Targets
-
Target
Main__Setup.exe
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-