General
-
Target
6920aa5adac327d0b77bcbcf2c105098
-
Size
701KB
-
Sample
240120-br74bahahp
-
MD5
6920aa5adac327d0b77bcbcf2c105098
-
SHA1
750a44564b2a4f5199c3be46183ea7ed12215f29
-
SHA256
b937f9098ea56ff4120f21634aaf765cd11f62950cbcf1f4727cc673785a9560
-
SHA512
1257bea8df52390bc0a158eabb1a931340fefc18161884d4901ccc2a836d818ffe766850e23311885fdae315a7245303a35eb0970868506bb245fc92c6bb2aad
-
SSDEEP
12288:u6i7jDNvrm737MOxTAc2NT0c7C4S5JfsZmjb2c36kMtEcZua+rCR8/6Pdfr84elm:zYvkz7Fm07Cwb2cjMScZua+rCR8aIXov
Static task
static1
Behavioral task
behavioral1
Sample
6920aa5adac327d0b77bcbcf2c105098.exe
Resource
win7-20231215-en
Malware Config
Extracted
cryptbot
fokuti41.top
morwiv04.top
-
payload_url
http://nybyoi06.top/download.php?file=lv.exe
Targets
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-