General
Target: a8001f151c1ce13aac56097a2bf1f789.bin
Size: 1.9MB
Sample: 230330-b6sl6scc2t
MD5: 99a7d927f138943ed8d892bf782e2e61
SHA1: b39dc9ca4c5bce9e34fc31a6edd19cb5f93b4bff
SHA256: 56e07e3307b39cd0536005f7848995126510fc5c5f8112dd85a7eb59933279be
SHA512: d6f40462f8581195d4bb44d27e289b6809387afea29f3d17c22fa186f72c23f0b58d514f81a66dbc3c015ac32352205bacce5d9057861a2e8005ee43a20e00c6
SSDEEP: 49152:3pOG2yIrUjfYgXrRSsCYQVDsIYgxdL1xX5hKj3U+s4l/4:3p528jfYgVqYm59zL1xXKjE+s4l/4

Static task: static1
Behavioral task: behavioral1
Sample: 7fb411ee3e34e4b79b372b7d2321bf69b46de30c3286edccb7621562caefb60b.exe
Resource: win7-20230220-en
Malware Config
Targets
Target: 7fb411ee3e34e4b79b372b7d2321bf69b46de30c3286edccb7621562caefb60b.exe
Size: 3.9MB
MD5: a8001f151c1ce13aac56097a2bf1f789
SHA1: 414d9f4219570bc75eb6e6cf2932c4fb407afa56
SHA256: 7fb411ee3e34e4b79b372b7d2321bf69b46de30c3286edccb7621562caefb60b
SHA512: 9c20f91c378d9559f6e5115857401def02145bb665a4c64f7842175b077bb6406544caa8197c9713f9b22943ffd87405beb809cf0e684c53b934acfe8d421060
SSDEEP: 49152:ZHVpQMSWLLKUmQUSgYaNrb5c90DNQdjK/c0kCs:Z1pjSWL5

Signatures:
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Accesses cryptocurrency files/wallets: possible credential harvesting.
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate installed software.
- Suspicious use of SetThreadContext.