General
Target: Pass_55555_Setup.rar
Size: 16MB
Sample: 230212-pkc69adh37
MD5: e723764b64c812d553c53f88f02fc1b6
SHA1: 13a7c40f7dccda372d4c96f8061d72c0d3c4b776
SHA256: ff87d820baf913ae59727dab8579b9f2d349b95bfb78aebcfeeb91cbce8c6ce3
SHA512: 74e11cd487215bc1f8dbfb88f689b32ffa7ede074ca3d54a3aed75e85fdbd32ebdfadc554f37cbcd78c16603cc808244fd9df9d96e7276d07db2d1f7d032e0ea
SSDEEP: 393216:4k47PRY7aDgd/8k8YsWBdMbOrnBMFREW/VapQI+6Szlk2hEG5+SLJZA:eY7Vd8GjMbKBMFRzMixzzhX1XA
Static task: static1
Behavioral task: behavioral1
Sample: Installer-x64bit.exe
Resource: win7-20221111-en
Malware Config
Targets
Target: Installer-x64bit.exe
Size: 750MB
MD5: 926183968d138d7486529820c768c3b5
SHA1: 8058b2204ebdcbf19e888a628c94e201b108b58d
SHA256: a2465fc5059ea57c7b64b1dc01caf8735422a005ddb7fabeddfa3cbc89085ccf
SHA512: 40b2b026c4058fd5d2c39de5b0d28fc64aca6df6a3610a7f332d2d2674ea5c6f85ca6a88fb9b6d53b47fbd816d6ebaea5e8b916c62b109012746fe075c90a93a
SSDEEP: 6144:0WQoTBfjc6gSNv0owMEbjlqOVPrevcfK2fqcz1IOq:0WQ4OMc0OVPe2fx14
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.