General

- Target: ddf70b408d5d5d458e6ca0105baf0d01fe8c08931125e643c221aac0523855a4
- Size: 704KB
- Sample: 230423-z6mmxsga27
- MD5: b014f3a842b2c30f422d3daed873a894
- SHA1: 932b4a82baa4b2c08cc43732a80f521be47a6988
- SHA256: ddf70b408d5d5d458e6ca0105baf0d01fe8c08931125e643c221aac0523855a4
- SHA512: 1b29aa2c1967211a44e309c1e54258db00af20a1893cc00f4bdb4b4ce84557fce968cdbd5aebaf2a86aa4e0419bafed0f4867a053bca1b637ec022b461ca1fbd
- SSDEEP: 12288:gy9082ERD9slx9jBWDufp14vZv8OJnHbcWI1QzCqHIzYMf9/rx5urDxFV6xC:gy47VBsCp1Yv97ccDHIkUcMM

Static task: static1
Malware Config
Targets
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.