General
-
Target
22250e38ccca148362616bff926c5f6f87f405b1d340682c2d5e2f515168b073
-
Size
318KB
-
Sample
240505-2b89jsag26
-
MD5
d65b158a6ef38f93e8596470e3f086b4
-
SHA1
3b1404af57c344ee91305408a1fdaf97cba9311e
-
SHA256
22250e38ccca148362616bff926c5f6f87f405b1d340682c2d5e2f515168b073
-
SHA512
b5b0688a92d1cd7cf5e320a9b9a8387c508898f37ece3eec3a0c23876edb35acc871bd3056b4decd789430a1b09911337488b0faa35b9dc1ae777f32bf79ce3d
-
SSDEEP
3072:ESNbAVPZlpIQMlo3lTV+WxuCdzt3BBgsQgyIXWlF7q6JoKnvS0rH615/jaVSMFuL:cbhMWVVZtRyzgLXY7q6JoKta18VSiK0
Static task
static1
Behavioral task
behavioral1
Sample
22250e38ccca148362616bff926c5f6f87f405b1d340682c2d5e2f515168b073.exe
Resource
win7-20240221-en
Malware Config
Extracted
stealc
http://185.172.128.151
-
url_path
/7043a0c6a68d9c65.php
Targets
-
-
Target
22250e38ccca148362616bff926c5f6f87f405b1d340682c2d5e2f515168b073
-
Size
318KB
-
MD5
d65b158a6ef38f93e8596470e3f086b4
-
SHA1
3b1404af57c344ee91305408a1fdaf97cba9311e
-
SHA256
22250e38ccca148362616bff926c5f6f87f405b1d340682c2d5e2f515168b073
-
SHA512
b5b0688a92d1cd7cf5e320a9b9a8387c508898f37ece3eec3a0c23876edb35acc871bd3056b4decd789430a1b09911337488b0faa35b9dc1ae777f32bf79ce3d
-
SSDEEP
3072:ESNbAVPZlpIQMlo3lTV+WxuCdzt3BBgsQgyIXWlF7q6JoKnvS0rH615/jaVSMFuL:cbhMWVVZtRyzgLXY7q6JoKta18VSiK0
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-