General
Target: 722d070751a11904c88c2eb82df3d502cdea23ff13facdd7b107e543511d23ec
Size: 336KB
Sample: 240505-2k8dlsgb7w
MD5: 24a9fe0cac600df98f9d67479c2b2735
SHA1: 1a1bd63334ee87143b52eae70019bfb54ccefa00
SHA256: 722d070751a11904c88c2eb82df3d502cdea23ff13facdd7b107e543511d23ec
SHA512: 412d33a0c151c7b2c0fc3ee9310889a632215e68dcd48f665504c15f3acbfa7a8c69e271ce08f7ba65f6b60f846eed409a29f7004a0991f8ffbaa486925ba333
SSDEEP: 3072:T/RW513p4LL047+vTpjC/gf1n1bxwzNs57ifHWLJ4eh5eAfJ7AuLlppxT0W5NMD4:QHq3Hobbx8Ns4QJ4sjhTlL10Wgi
Static task: static1
Behavioral task: behavioral1
Sample: 722d070751a11904c88c2eb82df3d502cdea23ff13facdd7b107e543511d23ec.exe
Resource: win7-20240221-en

Malware Config
Extracted: stealc
http://185.172.128.151
url_path: /7043a0c6a68d9c65.php
Targets
Target: 722d070751a11904c88c2eb82df3d502cdea23ff13facdd7b107e543511d23ec (336KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General above)
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.