General
Target: crack.exe
Size: 8.1MB
Sample: 240407-233wvahc4y
MD5: d87b402b821fa842d89283aa8654d9c0
SHA1: 30c086651e1bcd191163c01efbab55f51ec04691
SHA256: 791a66abbd58ac34dc72565455fb6e596bb14b93aa5b0109e0d53c60b87b5678
SHA512: 37ff5b178e10c2a64ca5cd3c11b2dd8ac153de7b62f363f2a0b608590befa07bc4e8f35a2ab7e57fb2b9ec06e2a91dfad99ce024cc787a777b410f5e0ad81de8
SSDEEP: 196608:WoeEzryqpLjv+bhqNVoB8Ck5c7GpNlpq41J2jnFHbk9qtlDfJP:EWyKL+9qz88Ck+7q3p91Jin8qfZ
Behavioral task: behavioral1
Sample: crack.exe
Resource: win7-20240215-en
Malware Config
Targets
Target: crack.exe
Executes dropped EXE
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Looks up external IP address via web service
    Uses a legitimate IP lookup service to find the infected system's external IP.