General
-
Target
92.exe
-
Size
7.0MB
-
Sample
230319-b1py4agd9s
-
MD5
867aeddf1e39f9d7a7a46332c4b5d201
-
SHA1
8c0da74db407be99dc3963a2256e4d29886e4c62
-
SHA256
44d21ea143ece509c6bb52d87090c7e4353c931b2be94021b0cee8a5d5854a50
-
SHA512
257ae1811316caa2485353b55983dcb6596d3ad29815b876556e3a9624a99bab9b1ae691e3f2fe2a92be769853ea47a48d004f3601ab55df98cbc077e0811825
-
SSDEEP
3072:HFwQeyUS7mBiVI9erx7qgBU6HwgknMRi1+0WwX:HyQ/q9uugm6mnMc12w
Static task
static1
Behavioral task
behavioral1
Sample
92.exe
Resource
win7-20230220-en
Malware Config
Targets
-
Target
92.exe
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-