General
-
Target
1c66b055f82294658caeb12b48a82baa447537296f3f68ba4598ca767d0aac3c
-
Size
271KB
-
Sample
240505-2brdqsff91
-
MD5
e16c7731f650a9f3679303d0f3c034a3
-
SHA1
fc76465f2e3e01e675215cb5fab349d72125dbb5
-
SHA256
1c66b055f82294658caeb12b48a82baa447537296f3f68ba4598ca767d0aac3c
-
SHA512
191d460f47bed4060a8647d3dd04db4bef19abe20fad6a78d9245d6c589d3d03e628c1a236de2901be38561036bf425bdbd94874303b542f26993c79a4b2555a
-
SSDEEP
3072:o+/Q0gpCtI9bL+hAL+lSh5P6yWkBo8YmA1QtmEUD0EPbDCF1V:04udLhh5PakO8IQtmEUDpPs
Static task
static1
Behavioral task
behavioral1
Sample
1c66b055f82294658caeb12b48a82baa447537296f3f68ba4598ca767d0aac3c.exe
Resource
win7-20240221-en
Malware Config
Extracted
stealc
http://185.172.128.151
-
url_path
/7043a0c6a68d9c65.php
Targets
-
-
Target
1c66b055f82294658caeb12b48a82baa447537296f3f68ba4598ca767d0aac3c
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-