General
-
Target
653c38174cc26098f23291a67cbcab5bbbe0d495d703b467aa3909dfac5813c4
-
Size
1.2MB
-
Sample
230423-pcnb9aeh2s
-
MD5
038dabbfcf08b62329425d2562876228
-
SHA1
83ae0092e1c96ce79a352a68f3b5be5854a66d34
-
SHA256
653c38174cc26098f23291a67cbcab5bbbe0d495d703b467aa3909dfac5813c4
-
SHA512
b0080a6aca2a7351b25a38f8d8640af9f64fd5c52556caf991d2cb32ad082047fe66c431dd8485433926f9bec0e77b48b3fe37210c15647092e89bcb7c0ca4ed
-
SSDEEP
24576:xButuJwtoMvyDu8a6TApXEq3Ulte9eH/kRfKdKmg1JPY64Qf20rp:PKuSVqE6EpX73U49Y/kHmIJPYbQf
Static task
static1
Malware Config
Targets
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-