General
-
Target
7960B82F206DD6DEBA99E94FB307D742.exe
-
Size
178KB
-
Sample
240222-zjk6ksfa3x
-
MD5
7960b82f206dd6deba99e94fb307d742
-
SHA1
f6fb7ecb095d42e19c4b453aa6b307b8dc382aa5
-
SHA256
0170ee4ad99fd6ff4b4adfa3cf9c6b838c7fec480d5f9b0822991cfc2bda6fdb
-
SHA512
1d42fd9e09fdf55cba2ce56fd5d60c812f8e40529c65eb4429055abe870bb6ff3b8ea83dca426ad94ee742672341afb7a69eb0f95b87b01293dbcd846bdb3681
-
SSDEEP
3072:MBGBWNQjsqc8GslCSB9MvWAxR5Z3Awy/ZbSTdugGihf0d:/SQjdGUB9M+iL3AwyhbSRujd
Static task
static1
Behavioral task
behavioral1
Sample
7960B82F206DD6DEBA99E94FB307D742.exe
Resource
win7-20240215-en
Malware Config
Extracted
stealc
http://185.172.128.24
-
url_path
/f993692117a3fda2.php
Targets
-
Target
7960B82F206DD6DEBA99E94FB307D742.exe
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-