General
-
Target
ed6eb7bb956e18f064d2f5d0580471bace87b4c5deb4d26e345b8ef77dc34828
-
Size
217KB
-
Sample
230331-y961asee7s
-
MD5
5ae60f7a7cafcb69126a7baec93fea40
-
SHA1
3d0584765c6066994a9b5fe19efc845cb51748c0
-
SHA256
ed6eb7bb956e18f064d2f5d0580471bace87b4c5deb4d26e345b8ef77dc34828
-
SHA512
419641b312fbe1e1ca98b56103e3d47b7c21386d7b9374ab71eeca6eac343631121b8906d50da4df937ae3479a75e68e324710c2c6ab007f8651e753e48207fa
-
SSDEEP
3072:ohyXgVgr6aRCRCxgrdPH2/6mDOk6vWvTXQAv1sPW5cVqt6Lt:WxV4CYOkccQOwVqMLt
Static task
static1
Malware Config
Extracted
stealc
http://arthurmaes.top/410b5129171f10ea.php
Targets
-
-
Target
ed6eb7bb956e18f064d2f5d0580471bace87b4c5deb4d26e345b8ef77dc34828
-
Detects Stealc stealer
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-