General
Target: 0cb6db3b13d90d34c76a8978afe08abae24991fa0d11cecd642c7714f9b376a8
Size: 6.5MB
Sample: 230610-fenalaeb98
MD5: bf617cd6dac3097d47ac38c609a7b3d0
SHA1: e2c39b57f39364d54d4364540ce8f774b30d521d
SHA256: 0cb6db3b13d90d34c76a8978afe08abae24991fa0d11cecd642c7714f9b376a8
SHA512: ad63b0c16621561028e4df64d45d1be68ae5baa3cf34400869df1acc7bcda6e65dad6e8cf2721f0d734ac03616a0fa8abbe31ddfeaa6bd4b294c2a026bb0c382
SSDEEP: 98304:miMFhJ+oF/Z7QIL0rUJZPx8EvavPwbp56FjL:SerqJxQX
Static task: static1
Behavioral task: behavioral1
Sample: 0cb6db3b13d90d34c76a8978afe08abae24991fa0d11cecd642c7714f9b376a8.exe
Resource: win7-20230220-en
Malware Config
Extracted
stealc
http://95.217.232.10/2e12d77e23b78d01.php
Targets
Target: 0cb6db3b13d90d34c76a8978afe08abae24991fa0d11cecd642c7714f9b376a8
Detects Stealc stealer
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.