General
-
Target
c6410dd86618f808d57c283dc893a17a0e7d5ce8072e5f2ed3fc4e17f09ad4cf
-
Size
323KB
-
Sample
240505-2wqypsbf67
-
MD5
e812b547a3cc9423474b88bc8dad4054
-
SHA1
cd56384113fcc20c89b5b94b0cd462c01f56d6b6
-
SHA256
c6410dd86618f808d57c283dc893a17a0e7d5ce8072e5f2ed3fc4e17f09ad4cf
-
SHA512
7520c6928ebb391a6852652c2419de004e916d3ec8d5315a011ac0eaf04cc3dcface9b51596b516b09bd3b189068a7667819d9dde3011369f57c1028ac5d310a
-
SSDEEP
6144:1jXaUdBAnNZnZ2dHg/Hurn4yWl2sXUzxtI:1DZAnZsHgf3PA1
Static task
static1
Behavioral task
behavioral1
Sample
c6410dd86618f808d57c283dc893a17a0e7d5ce8072e5f2ed3fc4e17f09ad4cf.exe
Resource
win7-20240221-en
Malware Config
Extracted
stealc
http://185.172.128.151
-
url_path
/7043a0c6a68d9c65.php
Targets
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.