General
Target: MainFile-Setup1-_2022_A_PasWrd.rar
Size: 14.0MB
Sample: 230302-ttz5ladf82
MD5: 4f9e1d3674f7040904c3c39cdcfc50e7
SHA1: 0549bdc4f055bc94250ad792883f41bf31069902
SHA256: 0856726b29bb312422c3f0962ee081160dea8a3edd870a6050d480324b3b63f8
SHA512: facd559202a83ac4975e62be5097c5e5f4f219e42c156caac1c60bf25703ee056df040c598805ff753f1bc98852638115eb0d49fe734932fd1419f8271f5be75
SSDEEP: 393216:OhPAI1wPgO4DKob4Qbzwn0D/Ak1lMWwBBtJTHybGolQdmOQmYb:Oh4cwoDDKobXOG/ARWsH9SaFQZmYb
Static task: static1
Behavioral task: behavioral1
Sample: MainFile-Setup1-_2022_A_PasWrd.rar
Resource: win7-20230220-es
Malware Config
Targets
Target: MainFile-Setup1-_2022_A_PasWrd.rar
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of NtSetInformationThreadHideFromDebugger