General
-
Target
dcc89ce6d0af2a1090f197d6f1fc38ca0effb0d7ab21b16ce8c06c82f0da2484
-
Size
276KB
-
Sample
240505-nepsesgd6w
-
MD5
1d1c8bc5f96f8fba5111c6bbcded15b7
-
SHA1
c7e698e23ef23939c0a35561687dbdf1fd882ec0
-
SHA256
dcc89ce6d0af2a1090f197d6f1fc38ca0effb0d7ab21b16ce8c06c82f0da2484
-
SHA512
bd38bfd979b7619b53e41bb6c7c3cb99b822a4c3d8eaa768f06ef74b3f37588a04e343c87bc4342b41adfd0961f2d96062703c8c6620231122db2c7cb916fdec
-
SSDEEP
3072:pB95F0a4sFg70Vugoe+6PmidMsEHVpv3FN5WlPUE5l:t0aj6/eztdM1dMlPZ
Static task
static1
Behavioral task
behavioral1
Sample
dcc89ce6d0af2a1090f197d6f1fc38ca0effb0d7ab21b16ce8c06c82f0da2484.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
stealc
http://185.172.128.151
-
url_path
/7043a0c6a68d9c65.php
Targets
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-