General
Target: 884266406f11e034de97c494abd1106a.exe
Size: 347KB
Sample: 220610-v1ye1saag4
MD5: 884266406f11e034de97c494abd1106a
SHA1: d3f9c78d3d47468688819272182ca1149221aaef
SHA256: 328132c92e6b42bd191853561730acf00f4a4dd056b8bbd872cdae394d391bc2
SHA512: ebc3a0fac891c70a3bb25db6524368c7285e7f50f2ce184d3161164c41bd8b64144fa49256f76bb0180c4379b19577809e2bcd63da1c17e3f3ddd958b06ca98a
Static task: static1
Behavioral task: behavioral1
Sample: 884266406f11e034de97c494abd1106a.exe
Resource: win7-20220414-en
Malware Config
Extracted
cryptbot
poqvyg22.top
Targets
Target: 884266406f11e034de97c494abd1106a.exe
Deletes itself
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.