General
-
Target
cb8872338f99b859a24c9f5453efcc18e6967c3fc931fdc4d5d567198419cfb5
-
Size
481KB
-
Sample
220521-ab93ascghr
-
MD5
1fe7534fdde6a4f08e79b25e0051a3b8
-
SHA1
927938291ec2aa6f27e87adb66d6a16ba8e84abc
-
SHA256
cb8872338f99b859a24c9f5453efcc18e6967c3fc931fdc4d5d567198419cfb5
-
SHA512
15dda8a3a9e0e19992a8a5cda6bfab7af4a5bbba8b4daf470ea12b201f393c730836f7dcef117dc89869717521bd6d8b4233fa880b457ef091a149e4def6b3f3
Static task
static1
Behavioral task
behavioral1
Sample
cb8872338f99b859a24c9f5453efcc18e6967c3fc931fdc4d5d567198419cfb5.exe
Resource
win7-20220414-en
Malware Config
Targets
Arcane log file
Detects a log file produced by the Arcane Stealer.
-
suricata: ET MALWARE Sorano Stealer CnC Checkin
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-