General
-
Target
5415871e74aee4fd322c185e44e4dc17dbdd1a946e9d929bdabdc5fb4ae868e8
-
Size
1.2MB
-
Sample
230423-zc8cjafg38
-
MD5
540b3c06737edb8d699cf6c17dda0205
-
SHA1
25e267942569c1e7fc0c9becfda62282a0d4cd42
-
SHA256
5415871e74aee4fd322c185e44e4dc17dbdd1a946e9d929bdabdc5fb4ae868e8
-
SHA512
2db5edba3014305891accceadcb25a0000a6adb61dfce7842b47402c71cd857cd173b2f2602b7fcb56167700706a6e79faac0f4c60ee0706f5c590d4bf5d82e4
-
SSDEEP
24576:w8FAGzhOxi/8+hxyHwVrKZzyykcgwIk4vkoFNxeAs:ZKoyI1EQVazy0RIk4vkoFHe
Static task
static1
Malware Config
Targets
-
-
Target
5415871e74aee4fd322c185e44e4dc17dbdd1a946e9d929bdabdc5fb4ae868e8
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-