General
Target: 2383c716fbbbbf50eb7578c77554ee99a3b2a35dcf57d3d748910c6f81dcaf0b
Size: 289KB
Sample: 231208-axsedagd22
MD5: a1126daf662fcd5856931df63c9e8256
SHA1: 533590948b9824fc829ca0b08aafff771118a3d0
SHA256: 2383c716fbbbbf50eb7578c77554ee99a3b2a35dcf57d3d748910c6f81dcaf0b
SHA512: d9d97c7839d700781d5def3b9f8bca08c81dce7e334347a6d5c6ecf59c894184f61993446484aec16978dc620464a93f30ffd7e0b7471da268b07ce96e6e37dc
SSDEEP: 3072:N6O7mrWGLoK8NykDZDortD8IE3ieA0WQ+D0pRdGIFiZapPwOeTR4L:cKXaL84kdDortDbQ+DMGIFiMpoT
Static task: static1
Malware Config
Extracted: stealc
http://5.42.64.41
url_path: /40d570f44e84a454.php
Targets
Target: 2383c716fbbbbf50eb7578c77554ee99a3b2a35dcf57d3d748910c6f81dcaf0b
Size: 289KB
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.