General
Target: a0abeca56ad9e60a433dea67e9ce79af3e2db93c864b8f3fe6bfdaf56cea3e60
Size: 563KB
Sample: 230423-zh7m7afg68
MD5: 3cc8ebf8583a8a5e0c00b6c97d9afcc7
SHA1: d3ecd271b8e0c671609efc84c3b532efbe796cf2
SHA256: a0abeca56ad9e60a433dea67e9ce79af3e2db93c864b8f3fe6bfdaf56cea3e60
SHA512: 3be13394bdfada4865e238076fa0ffb46a2f04771857c869fedf5ace6dce86fb0cdc63582d5664cc0c19c9664613ff30f280b164a5e1ead65dc3a90a8d2b9f37
SSDEEP: 12288:hy90dmsipCX7zfujDfFHQJJhdH2CECei1KyY68rSJPg:hylG7CfFHkbd2ZI1KyN8rIg
Static task
static1
Malware Config
Targets
-
Target
a0abeca56ad9e60a433dea67e9ce79af3e2db93c864b8f3fe6bfdaf56cea3e60
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-