General
-
Target
89d42dfdb5860ee3c3939d8c13d6fce3c95258cff2b83bc7df88d9ac2f6b3594
-
Size
276KB
-
Sample
240505-n9zwwahe5x
-
MD5
1a399b9b2bdeb9777486e51b01cfd05c
-
SHA1
a3813f4550a23cdfbc004cac3ec5222a3c38f415
-
SHA256
89d42dfdb5860ee3c3939d8c13d6fce3c95258cff2b83bc7df88d9ac2f6b3594
-
SHA512
e409af1d504330404c89614beb0ba4116c635e4d0c3cf0a8ba108ce4332b8ba3241350b765a98198c302c181da5e2c7fafaba30927183ee4c122aa025e3d92de
-
SSDEEP
3072:1B9JS032zh+zJIDKKZpEjZEK62E3pZ1Jye5WBOHOlJ5l:2038+yDrZpEjCH5jqBOU/
Static task
static1
Behavioral task
behavioral1
Sample
89d42dfdb5860ee3c3939d8c13d6fce3c95258cff2b83bc7df88d9ac2f6b3594.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
stealc
http://185.172.128.150
-
url_path
/c698e1bc8a2f5e6d.php
Targets
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.