General
-
Target
7291faf6e30edcd61009046b73c24d22bc3d4c45d79759a6c35cd47dbf193dcb
-
Size
1.2MB
-
Sample
230423-zfx1zafg54
-
MD5
77cee536e583de02f13da88e76b37377
-
SHA1
139aded8a1386dea4c809f68f3ca3c8fa7027152
-
SHA256
7291faf6e30edcd61009046b73c24d22bc3d4c45d79759a6c35cd47dbf193dcb
-
SHA512
99d068cc3668f64c5180b1cae6915d4c9a9c143129ae69755638375e26cb0ca8803d0efea82a4798f3d612b246bdfdc752b5d77bd601756fafe3001cc32d335f
-
SSDEEP
24576:f8FAGzhOxi/8+hxyHwVrKZzyykcgwIk4vkoFNxeAs:EKoyI1EQVazy0RIk4vkoFHe
Static task
static1
Malware Config
Targets
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-