General
-
Target
3bf09cb301db9fb29e77f765ed1527942c6013fd108c96bf2733e7b52870620c
-
Size
258KB
-
Sample
240212-wg88vacd64
-
MD5
3b424374277eab700a37a0b02eee106a
-
SHA1
213172957294cce4ed5cf0f639d2bbf238aa4752
-
SHA256
3bf09cb301db9fb29e77f765ed1527942c6013fd108c96bf2733e7b52870620c
-
SHA512
2f509fae0666ed12f2f34304ead5aac8162580d74637735c04d69e437a58aa57687409db3c2a8c247e34cd4f78c8b5f9f89fd80ad448451039444c548107f588
-
SSDEEP
6144:nAgxZgsKgNgRVnyebhwWMJvPUo5HYjWjm:nAgxZOgNanyeVwWMJHUo5f
Static task
static1
Behavioral task
behavioral1
Sample
3bf09cb301db9fb29e77f765ed1527942c6013fd108c96bf2733e7b52870620c.exe
Resource
win7-20231215-en
Malware Config
Extracted
stealc
http://185.172.128.24
-
url_path
/f993692117a3fda2.php
Targets
Target
3bf09cb301db9fb29e77f765ed1527942c6013fd108c96bf2733e7b52870620c
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-