General
- Target: 8c953b1ac910fa0c987e6401777b1a4b28f71ef0bcad0e584b7b87b6e7ce97eb
- Size: 563KB
- Sample: 230423-3c9r5saa7x
- MD5: 3ec6fc39370500c213dbec63de2a31e3
- SHA1: a51563f89a5410075dc714ed88b5f8793eaffec2
- SHA256: 8c953b1ac910fa0c987e6401777b1a4b28f71ef0bcad0e584b7b87b6e7ce97eb
- SHA512: 61df33a8f4ec650096163deeacb36c09036de9e14d565bd5f5803a1f2066e897f947dd685207282aed62c0666a15b958b0b90a5970babeb840e77c42bd87dfa8
- SSDEEP: 12288:Cy90DpfzeqN8SvfDNJLLh8IUDzF03pzcMR/tPpl0uA1mPJ:Cy4pfVN8SvfHlov+3pQa/dITYPJ
Static task
static1
Malware Config
Targets
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.