General
-
Target
d2b234e0cd101f79acf00a0b4a885ac51956d08f059b8fc9faf399c58afd4904
-
Size
327KB
-
Sample
240505-2x541sbg37
-
MD5
d850b6ebe1794ee8bbe4f9a862fb2519
-
SHA1
83e4449caf18d714755bde5930ecec3f8fbf8d74
-
SHA256
d2b234e0cd101f79acf00a0b4a885ac51956d08f059b8fc9faf399c58afd4904
-
SHA512
02b9906ce808fbc99fe57877f7e2fc078a990edc231693a06b92ea87858181c2a6afc74709a1296e4241872bf26629121a2c13b7ac4ead4d84f48b6267346ae5
-
SSDEEP
6144:/dtjOT40ieHqEEEEEEEos0+vQde7g2RsRIpjKRqBQe:/dYT40iBsrz7g7Ip2sx
Static task
static1
Behavioral task
behavioral1
Sample
d2b234e0cd101f79acf00a0b4a885ac51956d08f059b8fc9faf399c58afd4904.exe
Resource
win7-20240221-en
Malware Config
Extracted
stealc
http://185.172.128.151
-
url_path
/7043a0c6a68d9c65.php
Targets
-
-
Target
d2b234e0cd101f79acf00a0b4a885ac51956d08f059b8fc9faf399c58afd4904
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-