General
-
Target
e161025a0852bb3496c402d56ab72757b6538a7e341e91615fbf01271d9fda54
-
Size
1.1MB
-
Sample
230418-wtgz5adc33
-
MD5
8781c8d2f936241d3b8f5eaac82fdd9b
-
SHA1
c9c40167a103a97516ca89eea698116c1c55a4a3
-
SHA256
e161025a0852bb3496c402d56ab72757b6538a7e341e91615fbf01271d9fda54
-
SHA512
b3f560e22e287f891cd1cba18e282f2a70e362ed58e6846038d200e5f6b3c32ad4f67c339d8f8bf68afa1484691ad7daf2e9a10c79ccb5cb86265b48f902773c
-
SSDEEP
24576:8yNU3Lu49synQQ0uCHlV82ao3iI8U/adIvz:rNKnQQArKFIdF
Static task
static1
Malware Config
Targets
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-