General
-
Target
2bf671359a1ee4ffa12007541175975a32581815d226f828c4ea7f942bbb14b3
-
Size
1.0MB
-
Sample
230424-ag7t5agg26
-
MD5
8e563a15d5cfba622cd77f8f03532e78
-
SHA1
ac01a44a3c8c1e932fbeada05261ef96fe4380d7
-
SHA256
2bf671359a1ee4ffa12007541175975a32581815d226f828c4ea7f942bbb14b3
-
SHA512
3ad09c1283d58bc8def52db618c35ca6f549b60f2ed7f587bffbf806b9f1115929071a18651e9530a66b266b3dea247819a4583da38d505e710c9037ec6768b2
-
SSDEEP
24576:dcIu58c6Od3W36hmxGaKc1HIcf0ErjxO+TtR1N2VRDrcG3:JmZ6Od3WqFaKc1Hh8ErdOWR1N2fDrc
Static task
static1
Malware Config
Targets
-
-
Target
2bf671359a1ee4ffa12007541175975a32581815d226f828c4ea7f942bbb14b3
-
Size
1.0MB
-
MD5
8e563a15d5cfba622cd77f8f03532e78
-
SHA1
ac01a44a3c8c1e932fbeada05261ef96fe4380d7
-
SHA256
2bf671359a1ee4ffa12007541175975a32581815d226f828c4ea7f942bbb14b3
-
SHA512
3ad09c1283d58bc8def52db618c35ca6f549b60f2ed7f587bffbf806b9f1115929071a18651e9530a66b266b3dea247819a4583da38d505e710c9037ec6768b2
-
SSDEEP
24576:dcIu58c6Od3W36hmxGaKc1HIcf0ErjxO+TtR1N2VRDrcG3:JmZ6Od3WqFaKc1Hh8ErdOWR1N2fDrc
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-