General
-
Target
f1da6b6c4a051a95e98e58a9824e0a77c7b7c0485c1189134dd1733325af6ca9
-
Size
1.2MB
-
Sample
230423-z6wktshe7z
-
MD5
2d29714d25acbdd31d4ab8ea4490d193
-
SHA1
fe5a7bddf8e86ed52def8d5f6fa95f77198fd4a4
-
SHA256
f1da6b6c4a051a95e98e58a9824e0a77c7b7c0485c1189134dd1733325af6ca9
-
SHA512
0ca871459be306638a2de21c91292ceb08099cfaa54763be4e49827fc3643b6e6e5f19046f31bae64e2a867f36b146380d68498f9dd6a8641223927492e5779b
-
SSDEEP
24576:Ou0fRlKB2ZGPoUC1VqAUjfeEB7htX0yromAWB5HpS/gl:D0+BshUC1VzUjjPP0/
Static task
static1
Malware Config
Targets
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-