General
-
Target
169e20d81a2cd35fa8228c6daefb957024e4c387645e859c25aa38fc6f08ad3c
-
Size
275KB
-
Sample
240505-kfszpacd3x
-
MD5
9cfa509be156607807515017f1ff019e
-
SHA1
d6ea3d4ec533b6ab9f255318aeb056d8a6394715
-
SHA256
169e20d81a2cd35fa8228c6daefb957024e4c387645e859c25aa38fc6f08ad3c
-
SHA512
217238b18f7cded22ed25dfa8613d8628b5b9a656b4e7a2868b79265ade77b4592264fdad02dee5796d953e1323ea8c7cda15703b47deace18672e34909e7334
-
SSDEEP
3072:QBBCtQKvH8iHATxiyHiUDI0yGqhVO4rQy5W3z58:ZQKH8ZgyCU00y1VO4i3F
Static task
static1
Behavioral task
behavioral1
Sample
169e20d81a2cd35fa8228c6daefb957024e4c387645e859c25aa38fc6f08ad3c.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
stealc
http://185.172.128.150
-
url_path
/c698e1bc8a2f5e6d.php
Targets
-
-
Target
169e20d81a2cd35fa8228c6daefb957024e4c387645e859c25aa38fc6f08ad3c
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-