General
Target: book_520861.zip
Size: 12.7MB
Sample: 230330-m7ex9adh2t
MD5: c4c5aec5a33cee0f2df626663d6291e5
SHA1: 1f9063106df59ae8f70f73b9c819478a547d5739
SHA256: 3352330e698a710753c44346dbfbf2a3c14faae1a5b151c7890627a2dce6a4cf
SHA512: d93c6e1265cf5a928eb7af1728bbeecd300841792acd8938ffb3f8018e0c44188e47ba36155184367341db9dc104ff278672f1daf463d726b47f4ad3800acd2d
SSDEEP: 98304:zCRxYfO4AeFkNiVl8+mJ+t1UNm9rDkDOVHmQbJW6yu:2RSfOlNiVG+m6fBkScQ1W6yu
Behavioral task: behavioral1
Sample: book_520861.scr
Resource: win7-20230220-en
Malware Config
Extracted
stealc
http://195.201.2.192/af1048e6cc914eaf.php
Targets
Target: book_520861.scr
Size: 1024.0MB
MD5: 21be7158cefb4908f938cbe6e9d4c38b
SHA1: fb1d257ead4b169123f3c672097b21553dc1cc29
SHA256: f16f0f6655038f09b9d420b479bd34ac6af8c3c34bd6901ec51c8aab7d714676
SHA512: 7586eaedd451322009c6f042bfc97e605727227e02ff9ee2cf37d0053d03efa43ced42e362c11672dc3cb35726cb48e0a6901330889c2dee491e0b0d41cedca1
SSDEEP: 98304:+/L7NgBcoUSU62141WH1sm6JloekpCbV6Nu1/DQfpQLetWVR94bu:+zNoUuSCm6JOekuTtQKWWb9ou
- Detects Stealc stealer
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.