General
Target: 81f031fef87877f5386e069506191a107450ea7d75a096e941829ef5c9f34d49
Size: 218KB
Sample: 230331-xnnq6acf43
MD5: 85848348748da43e5496feab5bc83174
SHA1: 471141600238bf1517fdd83d790da03d553c41e1
SHA256: 81f031fef87877f5386e069506191a107450ea7d75a096e941829ef5c9f34d49
SHA512: ee5a5a6414fb3f9ccd78cd80bbde07ed0d0c71a57ba2868162ac825ffdf42fc3637db800f1f58fb37fa9c00473b34ef60aedb5ee1aecce5e9232f978787985ba
SSDEEP: 3072:1Qy8P9HS7oFU3yHEMASzt8vXOtVuplJmgoR2nJ9F4IJ96RcIw5s8et8i:mlg1uEM3k+tVYlJtv3yRc+8eSi
Static task: static1

Malware Config
Extracted: stealc
http://arthurmaes.top/410b5129171f10ea.php
Targets
- Detects Stealc stealer
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.