General
Target: c38d2f958315235062edf92438a312af9bb0bc9cebca7af6648a58446fe53165
Size: 1.2MB
Sample: 230423-zjyrnshd6w
MD5: 19626d8003a1ed5efe0c082cd4c6f787
SHA1: 572c0f567c177905bcbc72b9e052aa7da5b8415c
SHA256: c38d2f958315235062edf92438a312af9bb0bc9cebca7af6648a58446fe53165
SHA512: 87d0d02217c6e886041ca0fcc3f7380b8f98d7dcf279ef922d35819b8eb1e689f5e2af97c2e7fe94d18e96cfdf78eb48f741e85d9bf3eab67686ba42608adb21
SSDEEP: 24576:S8FAGzhOxi/8+hxyHwVrKZzyykcgwIk4vkoFNxeAs:HKoyI1EQVazy0RIk4vkoFHe
Static task
static1
Malware Config
Targets
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-