General
-
Target
d25ce458d4604b07cd91fdc2b25359954568ab58b79c30e036d61ce42e654ad3
-
Size
1.2MB
-
Sample
230423-z18yzahe5t
-
MD5
d41f84a7d626eca22d62e49709e4c6d6
-
SHA1
06bc25e47b1bc2ee82cc58fee9c5cca8f05e0020
-
SHA256
d25ce458d4604b07cd91fdc2b25359954568ab58b79c30e036d61ce42e654ad3
-
SHA512
e1ecb8ddd56d3b0fbf491a594167f132ff34c0a4546558e55d9ab7b07b8032433024e63d3fe1a612cebfde564a6d4dd59e9789884e209765cf428be861cb49b8
-
SSDEEP
24576:hu0fRlKB2ZGPoUC1VqAUjfeEB7htX0yromAWB5HpS/gl:Y0+BshUC1VzUjjPP0/
Static task
static1
Malware Config
Targets
-
-
Target
d25ce458d4604b07cd91fdc2b25359954568ab58b79c30e036d61ce42e654ad3
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-