General
Target: 3d168c1e6c92f6a0fa14e20cf38daa406c41e3a21207873c13cdfe259e8eec76
Size: 1.2MB
Sample: 230423-1atl2ahe9t
MD5: 2c1245cd0233187d81838a00e6f53e4b
SHA1: c2d75a0409dc73cfc2d31eb25d1ff71b232bae3b
SHA256: 3d168c1e6c92f6a0fa14e20cf38daa406c41e3a21207873c13cdfe259e8eec76
SHA512: faac9bb1d70dfd58a04b5a6121ef43eed9422785eca88d72b8740b5225cef3f199a0696974e8a5af6bd37ca30483c988bbe440f835baadb760b374afa0951c0d
SSDEEP: 24576:Bu0fRlKB2ZGPoUC1VqAUjfeEB7htX0yromAWB5HpS/gl:40+BshUC1VzUjjPP0/
Static task
static1
Malware Config
Targets
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.