General
- Target: 285dd4a90419f041fd06721fa01e04ee24619115520973959a41580f92345bc2
- Size: 1.1MB
- Sample: 230426-wx88sach7x
- MD5: 5108d1aa9f94b5e8511554f066c8abf9
- SHA1: 538eb5a1a13aa143176af5bb9e2b3b0c326a5ade
- SHA256: 285dd4a90419f041fd06721fa01e04ee24619115520973959a41580f92345bc2
- SHA512: 84db650daed460ee4ddfe4b19c5440e412c1fe9fba8897481d1506ebaee0244d68a658659861fc1b7a67401de6b984cbed712cdbe5a509edc044852ed334fba6
- SSDEEP: 24576:5yWaWc/2fRCDtPLxexwgdRS7El4q02yzNaeQl:sWNc/eAD99EwgdRBl4/DxaeQ
Static task: static1

Malware Config
Targets
- Target: 285dd4a90419f041fd06721fa01e04ee24619115520973959a41580f92345bc2
- Size: 1.1MB
Observed behaviours
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext