General
-
Target
1d528029d0ffb09f9d2fe3c4044033e271f59fe3f79af3f934087cd5f493cd0c
-
Size
1.2MB
-
Sample
230423-1bhwxshe9z
-
MD5
2c5b57c9ee8c477eda2531899ff4de90
-
SHA1
6e7318d8554c6d1c56a6c5bfdd22016bbf43b6fd
-
SHA256
1d528029d0ffb09f9d2fe3c4044033e271f59fe3f79af3f934087cd5f493cd0c
-
SHA512
05a4e63d73aa3c74814b78354624b21aa707b79f8e1ae6543c621ce817d5ecef55117d7e3d49684345ab09e782898558abfe0ccdfb4276dc8b79f86ddd996b63
-
SSDEEP
24576:Au0fRlKB2ZGPoUC1VqAUjfeEB7htX0yromAWB5HpS/gl:N0+BshUC1VzUjjPP0/
Static task
static1
Malware Config
Targets
-
-
Target
1d528029d0ffb09f9d2fe3c4044033e271f59fe3f79af3f934087cd5f493cd0c
-
Size
1.2MB
-
MD5
2c5b57c9ee8c477eda2531899ff4de90
-
SHA1
6e7318d8554c6d1c56a6c5bfdd22016bbf43b6fd
-
SHA256
1d528029d0ffb09f9d2fe3c4044033e271f59fe3f79af3f934087cd5f493cd0c
-
SHA512
05a4e63d73aa3c74814b78354624b21aa707b79f8e1ae6543c621ce817d5ecef55117d7e3d49684345ab09e782898558abfe0ccdfb4276dc8b79f86ddd996b63
-
SSDEEP
24576:Au0fRlKB2ZGPoUC1VqAUjfeEB7htX0yromAWB5HpS/gl:N0+BshUC1VzUjjPP0/
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-