General
-
Target
2aa12df8152079df69ce993e78508c12bd80d2d72408f808c51ce5f98c0b5adb
-
Size
1.2MB
-
Sample
230423-zfgc8afg49
-
MD5
14374b00b3c3897f4e9e66017c58c14b
-
SHA1
27e2ad45987be0f84314f27d5f749798d2c3f688
-
SHA256
2aa12df8152079df69ce993e78508c12bd80d2d72408f808c51ce5f98c0b5adb
-
SHA512
766550bf0d024f045b0f9d7eaacbb61e0c234a59c3901fe4d659927645b3294ada10288b35cbd44fa8eb3446085d10da1c5f899779351fd5a6ccb5a1920b2f8a
-
SSDEEP
24576:i8FAGzhOxi/8+hxyHwVrKZzyykcgwIk4vkoFNxeAs:3KoyI1EQVazy0RIk4vkoFHe
Static task
static1
Malware Config
Targets
-
-
Target
2aa12df8152079df69ce993e78508c12bd80d2d72408f808c51ce5f98c0b5adb
-
Size
1.2MB
-
MD5
14374b00b3c3897f4e9e66017c58c14b
-
SHA1
27e2ad45987be0f84314f27d5f749798d2c3f688
-
SHA256
2aa12df8152079df69ce993e78508c12bd80d2d72408f808c51ce5f98c0b5adb
-
SHA512
766550bf0d024f045b0f9d7eaacbb61e0c234a59c3901fe4d659927645b3294ada10288b35cbd44fa8eb3446085d10da1c5f899779351fd5a6ccb5a1920b2f8a
-
SSDEEP
24576:i8FAGzhOxi/8+hxyHwVrKZzyykcgwIk4vkoFNxeAs:3KoyI1EQVazy0RIk4vkoFHe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-