General
-
Target
b1bf0502579ad6cd7d76a42be84e8bbe
-
Size
244KB
-
Sample
231227-qtte9sbghj
-
MD5
b1bf0502579ad6cd7d76a42be84e8bbe
-
SHA1
c504901b4031e117e4e6dfada6e7471dea7c36fd
-
SHA256
c7685d2b519c5e3838daeeab473106345b4bd434e733ec8aa2b8a5b5ad8eb902
-
SHA512
235fceba028418d02cf97aa02801d928e1d72bd5f74a4edc40d66ff824f63f5768985bcd236d5828aabeb62d524126fc1594c3e9ad44f9d193ff94392b5441c5
-
SSDEEP
6144:9eCzgAfHUX+LEK9lTwNqTd/3Uoj131JvOzflLxof5F9BjQ:NHUX+gSHT1EobxOxFs9NQ
Static task
static1
Behavioral task
behavioral1
Sample
a1a258c9e2751e7d0906c64e27d5999ab380017639fc97d49dc1c0df3a2c3ea3.exe
Resource
win7-20231129-en
Malware Config
Targets
-
-
Target
a1a258c9e2751e7d0906c64e27d5999ab380017639fc97d49dc1c0df3a2c3ea3
-
Size
339KB
-
MD5
85d26f599f100e876542f3977e8539c5
-
SHA1
82289e92aa61b145b7c966293acfd0cb9ab9d5db
-
SHA256
a1a258c9e2751e7d0906c64e27d5999ab380017639fc97d49dc1c0df3a2c3ea3
-
SHA512
322cd8ab595fa5b6dbfe5ce0b720f41d18d1a4917cd43e373b62669c51b41397d8aab811f577e325d0bf54474ca5db5cd1ea1979de9ddfabd0148ad081c32f4b
-
SSDEEP
6144:l98cADCn51AMvn52ReDSjYHXCCY+4umkxmHRjsz6:/n7AI5HQYHXCzVumGmxgz6
-
Taurus Stealer payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-