General
- Target: 4f5ff71e1d9d733798f299fdb3b12f0dc7fb517dcdff03ee02bee66991b3f517
- Size: 275KB
- Sample: 240505-hqvj6adf44
- MD5: f3b06f8f7e9e5a203b09281acd8ec4d9
- SHA1: d35f18362a4f729df4a77589d13c691f4e8f5218
- SHA256: 4f5ff71e1d9d733798f299fdb3b12f0dc7fb517dcdff03ee02bee66991b3f517
- SHA512: f4cf359264dc14e1e88a7111c29a597f0ccf2c34a1ad24a2941b598f252e7e06fc0aeb4689aac41be9d9ba6a26e8f200355745736202690e9c0e2fc2ddabc17b
- SSDEEP: 3072:c51KP8WkwhmiK6LSj/R2rCFsooFcPN5j3iqFAOA2P58:D8WZmiKZDo2r3iwAEB
- Static task: static1
- Behavioral task: behavioral1
- Sample: 4f5ff71e1d9d733798f299fdb3b12f0dc7fb517dcdff03ee02bee66991b3f517.exe
- Resource: win10v2004-20240419-en
Malware Config
Extracted
- stealc
- http://185.172.128.150
- url_path: /c698e1bc8a2f5e6d.php
Targets
- Target: 4f5ff71e1d9d733798f299fdb3b12f0dc7fb517dcdff03ee02bee66991b3f517
- Size: 275KB
- MD5: f3b06f8f7e9e5a203b09281acd8ec4d9
- SHA1: d35f18362a4f729df4a77589d13c691f4e8f5218
- SHA256: 4f5ff71e1d9d733798f299fdb3b12f0dc7fb517dcdff03ee02bee66991b3f517
- SHA512: f4cf359264dc14e1e88a7111c29a597f0ccf2c34a1ad24a2941b598f252e7e06fc0aeb4689aac41be9d9ba6a26e8f200355745736202690e9c0e2fc2ddabc17b
- SSDEEP: 3072:c51KP8WkwhmiK6LSj/R2rCFsooFcPN5j3iqFAOA2P58:D8WZmiKZDo2r3iwAEB
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.