General
Target: 8251e1eea261dc7fc85ad64d38d4b412b0e8891f07fe5585a56cd8fa094b7ea1
Size: 1.2MB
Sample: 230423-zb245afg28
MD5: a9bea2bef8ea36ec0459cf385a89b40c
SHA1: 890e795dea2ff21937b3f6096f523856f22f552a
SHA256: 8251e1eea261dc7fc85ad64d38d4b412b0e8891f07fe5585a56cd8fa094b7ea1
SHA512: b5f567d95bd8b6ad8644f8f7ddad0f1f4d91146aa392c07c1b36bb00bb285f4ab83047f4dfa815305f501b2f5c0b34257679dc199188b087c69bbebd0aaa0325
SSDEEP: 24576:L8FAGzhOxi/8+hxyHwVrKZzyykcgwIk4vkoFNxeAs:wKoyI1EQVazy0RIk4vkoFHe
Static task
static1
Malware Config
Targets
Target: 8251e1eea261dc7fc85ad64d38d4b412b0e8891f07fe5585a56cd8fa094b7ea1
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.