General
-
Target
ba8575890f090e2f1526a1c56ef13ddecd3e217fb1863c104851ef6b57b0a161
-
Size
564KB
-
Sample
230423-z36lmafh89
-
MD5
a451e8e6a50e84a5d0933dd38fcc2c38
-
SHA1
107a4925c47a5e519aa34ab108d4536c31ae6253
-
SHA256
ba8575890f090e2f1526a1c56ef13ddecd3e217fb1863c104851ef6b57b0a161
-
SHA512
e642a91b3262372e298ead6fc7e66b80ce58d29277f44556ea7d705a5a2098c82173c1b95f59a1d0a38d2132d7ee4fd2add6d50f6acf6b795da5a2f15d94d8c0
-
SSDEEP
12288:Ry90Kbc15r2FKNqZIehzT0DYmnMBoyVCVq92l:Ry5+0KNqXJwDYyqoyVAqY
Static task
static1
Malware Config
Targets
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-