General
Target: d6522f5c8f08352c11521654a1606275b0f085d30df4f113ea372b600aa3c564
Size: 1.2MB
Sample: 230423-3hv6yage66
MD5: 50b09c086d2362f5ab10074f3453575c
SHA1: 3f0f94028f576535fc2957a82053dbc4c4cfe32b
SHA256: d6522f5c8f08352c11521654a1606275b0f085d30df4f113ea372b600aa3c564
SHA512: e6943753fac9b8873a72c0a26a86ea85366437555e2a0ca20603b5851851a0fcbe39ae41c3b2af3bea15e6bfd9775e6db5c0edc00b2eddc9acd399369a1f49a4
SSDEEP: 24576:Uu0fRlKB2ZGPoUC1VqAUjfeEB7htX0yromAWB5HpS/gl:Z0+BshUC1VzUjjPP0/
Static task
static1
Malware Config
Targets
Target: d6522f5c8f08352c11521654a1606275b0f085d30df4f113ea372b600aa3c564
Checks computer location settings
    Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Adds Run key to start application
Checks installed software on the system
    Looks up Uninstall key entries in the registry to enumerate software on the system.