General
Target: 743b649f85cf06a18e0a9849c8fa0f1f.scr
Size: 700.0MB
Sample: 220913-p9ndhsbden
MD5: 743b649f85cf06a18e0a9849c8fa0f1f
SHA1: 2a1b83856daea22a7c15b7c192f97de5809ca5f9
SHA256: f8409f3fd49267e6e8997fa06f9e5ad0c41ed6710865624ab258fbb0f26093ca
SHA512: 82ff9d4d3c7bb1f80d0acbb7ec0a507f3e896b7209a7ba52efbcdd02c1d4f7c3f581539eaccfe3cb9fd41381ae210b2c2294052c88efc7759348a15d7528b06b
SSDEEP: 768:LLcMfSerGCU78VexBVVx8uCEvD+qYVRCPUJbzki7H1FCL+agG4EsZvjt:LzqSY/8JEb+l3h1s6ag7xjt
Static task: static1
Behavioral task: behavioral1
Sample: 743b649f85cf06a18e0a9849c8fa0f1f.scr
Resource: win7-20220812-en
Malware Config
Targets
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext