General
Target: 4f05150b6f5b22ea16afd5a5857ebe0c2864af66bf3dbd7ef013d982c23078b2
Size: 1.2MB
Sample: 230423-3e2jjsaa8x
MD5: cefb995c1718a3eb7035106fc62823ba
SHA1: e5df2ff8a7bc85f46299f4613b7a675714b2c047
SHA256: 4f05150b6f5b22ea16afd5a5857ebe0c2864af66bf3dbd7ef013d982c23078b2
SHA512: 5611968b8a496f82baa9854da72f28bde0947b5b379fb3cb7b3a751ac58c91878cc32dc51af193ec4c38c3c820f2bb4fb11cbe3a985bf8c4207fd0b2dfd794f4
SSDEEP: 24576:ju0fRlKB2ZGPoUC1VqAUjfeEB7htX0yromAWB5HpS/gl:y0+BshUC1VzUjjPP0/
Static task: static1
Malware Config
Targets
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.