General
-
Target
7c85bd4e37043c70521ad7177957c24244eee3ccf32aa42fe0a91e13b1b098a8
-
Size
1.2MB
-
Sample
230423-zhrlzafg64
-
MD5
0e437f04e6f2550a4379c06be9500733
-
SHA1
fccc78c3a3ec3b215aff9b6b25a80eac850a9baa
-
SHA256
7c85bd4e37043c70521ad7177957c24244eee3ccf32aa42fe0a91e13b1b098a8
-
SHA512
572d0e676d955f53092b29d4b9e62c9baf269f15a6adde5caf9b469d89c1158e7a5ee8aa553df19b28cf8c93363e6abdbf00d0b4ca35d18ba2dde1f43f2638c8
-
SSDEEP
24576:T8FAGzhOxi/8+hxyHwVrKZzyykcgwIk4vkoFNxeAs:IKoyI1EQVazy0RIk4vkoFHe
Static task
static1
Malware Config
Targets
-
-
Target
7c85bd4e37043c70521ad7177957c24244eee3ccf32aa42fe0a91e13b1b098a8
-
Size
1.2MB
-
MD5
0e437f04e6f2550a4379c06be9500733
-
SHA1
fccc78c3a3ec3b215aff9b6b25a80eac850a9baa
-
SHA256
7c85bd4e37043c70521ad7177957c24244eee3ccf32aa42fe0a91e13b1b098a8
-
SHA512
572d0e676d955f53092b29d4b9e62c9baf269f15a6adde5caf9b469d89c1158e7a5ee8aa553df19b28cf8c93363e6abdbf00d0b4ca35d18ba2dde1f43f2638c8
-
SSDEEP
24576:T8FAGzhOxi/8+hxyHwVrKZzyykcgwIk4vkoFNxeAs:IKoyI1EQVazy0RIk4vkoFHe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-