General
Target: 66b6b9718107b5a481bb70c32712b243b06b949939066504d2c938349acb0d08
Size: 564KB
Sample: 230424-ahyb3sgg32
MD5: 2dd94a75002b58c7f5045e49a4e2b749
SHA1: 427fa59027fc3b527f3d35cf991443e81bc1f063
SHA256: 66b6b9718107b5a481bb70c32712b243b06b949939066504d2c938349acb0d08
SHA512: 14a8736e41fce75e6f56c6c8edf7616d051eff168273454692da0cd29b701d1d356eb5db31ef3ab7633f6d61b84484586cce8a2a2ddaf19ce25242c16e474177
SSDEEP: 12288:ny90aNm1I4bbxKQ+O5Lh0I5Ozt0zthnMxDk/cLqGSTH:nymCSll35l12GztFWY/cLmH
Static task
static1
Malware Config
Targets
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-