General
Target: 7f127cd3338bace4a0c313b29b91f3bbbb34be9242d085f289353e20094e41e2
Size: 1.2MB
Sample: 230423-zes1mahd4z
MD5: c919f169533c592105bc0a8550a5e3c2
SHA1: c1b701627a0be18c69bb0887b9536a9f5e8d8bb5
SHA256: 7f127cd3338bace4a0c313b29b91f3bbbb34be9242d085f289353e20094e41e2
SHA512: 0c4a5dd14d15a81d9eddbb75977f43cd5215b0ef2b51935e56051846eab5b4272f223ba0def01c35144d43dc8aaea73a1bcf3d726480b475916d84cf89c509f6
SSDEEP: 24576:D8FAGzhOxi/8+hxyHwVrKZzyykcgwIk4vkoFNxeAs:YKoyI1EQVazy0RIk4vkoFHe
Static task
static1
Malware Config
Targets
Executes dropped EXE
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Adds Run key to start application
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.