General
-
Target
dd5101030f15ee37924d09cda2c7f5713528e5bc3b190b29b06ce46fcb7f9d68
-
Size
1.2MB
-
Sample
230423-zd5m2afg45
-
MD5
111c5f07d973e4ebbcfbb4f0772ae37e
-
SHA1
cac8771863884d7053bb31a33c4e0a57765ac2f3
-
SHA256
dd5101030f15ee37924d09cda2c7f5713528e5bc3b190b29b06ce46fcb7f9d68
-
SHA512
68510c40a4540c4dc8a145416c4a3e91e7388a235b286c75d253471cd8fafa94d5a2576d2f638ff330ad4b24f256a8a8332ec5c41716fe96e00e7d6c527652d8
-
SSDEEP
24576:C8FAGzhOxi/8+hxyHwVrKZzyykcgwIk4vkoFNxeAs:XKoyI1EQVazy0RIk4vkoFHe
Static task
static1
Malware Config
Targets
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-