General
Target: ffaa265d7e23d3fcd11b7e8819ac5e969327b3bd7047f9bd47bd21a1ee676217
Size: 217KB
Sample: 230331-xykggscf98
MD5: b2460cb089ff6eda8ded75d9b858e718
SHA1: f996dd360d386816f917054fba8d4c2eb6e75eed
SHA256: ffaa265d7e23d3fcd11b7e8819ac5e969327b3bd7047f9bd47bd21a1ee676217
SHA512: 6b06d1f1015c1118776990b91892d6feafad67e725c53910124e32b1b0abcee6241e7b212c0a87d3f42bc589bbaeb209de238ad4aad57130d8be0649119d2b7c
SSDEEP: 3072:wyyt4UXN2aCnpU/1lfu4JftvXwz37qW5cVbQmP:5PUhCnpilTHvAz7SV0mP
Static task
static1
Malware Config
Extracted
stealc
http://arthurmaes.top/410b5129171f10ea.php
Targets
Target
ffaa265d7e23d3fcd11b7e8819ac5e969327b3bd7047f9bd47bd21a1ee676217
Detects Stealc stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.