General
-
Target
e832a3779dbc08eb16c7a898a7cdb68ed9c7df3fe3da55dd45f6aac2bcd250fc
-
Size
1.2MB
-
Sample
230423-3bfsnsaa6y
-
MD5
3de0e7aa3ab9e73372b39215a2a11d22
-
SHA1
83765c5c123fdb4a5d7f44604fcd174ed67366b0
-
SHA256
e832a3779dbc08eb16c7a898a7cdb68ed9c7df3fe3da55dd45f6aac2bcd250fc
-
SHA512
24ab0d27dca1550a55dfd45dd6fd99c5f6b3a3993c66be424e361efd36c2f9a43a5d94919045c11446652405a0e0eb4105764673e1b48ec53e8e3735ed5a922c
-
SSDEEP
24576:eu0fRlKB2ZGPoUC1VqAUjfeEB7htX0yromAWB5HpS/gl:T0+BshUC1VzUjjPP0/
Static task
static1
Malware Config
Targets
-
-
Target
e832a3779dbc08eb16c7a898a7cdb68ed9c7df3fe3da55dd45f6aac2bcd250fc
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-