General
- Target: a8fdfee539cb9c74a7d86191abf110a1fa4dd55171567d156003cd82a386a3c6
- Size: 1.2MB
- Sample: 230423-zbb8psfg25
- MD5: a9a87e37c65654b94e2130a3d1a108aa
- SHA1: c7ddfb2bbdb83914f49b5f268bf7be0d9550a4ca
- SHA256: a8fdfee539cb9c74a7d86191abf110a1fa4dd55171567d156003cd82a386a3c6
- SHA512: ee454a5163e9197439a402e6be1c208d81d90b294670bd6c5964f1900b8d1953f38df5ba09bbd17d828ea93f8feb1e22bb78b761fb4edf90023741b2c28c7470
- SSDEEP: 24576:U8FAGzhOxi/8+hxyHwVrKZzyykcgwIk4vkoFNxeAs:dKoyI1EQVazy0RIk4vkoFHe
Static task
static1
Malware Config
Targets
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.