General
-
Target
14cd6d9cbad80b0e4076212bf7ad937f.exe
-
Size
290KB
-
Sample
240506-a7gevsed87
-
MD5
14cd6d9cbad80b0e4076212bf7ad937f
-
SHA1
6f553fad2fd973d52dec55582490eb8c3a35b6e1
-
SHA256
1738d5ec9cf4a62d3bebdb8690d208dc4e9bb957ba427233920a2195b04bb52e
-
SHA512
ca8e1d03dec6ec41eba8b169ef3ce70a1f0acde0c0a9592d99f0d0013577647826a1711ef923b19bb00abc0a87cca240a042f3a237cec13ded5793519d7d56cf
-
SSDEEP
3072:89dR4sFy2KJnd64kX/qCdx7Hto4r7uYl4HN+5BOlmXvg1T/dO:89dR4I58ndnkXiCpTeYl4HNyO8XYt/w
Static task
static1
Behavioral task
behavioral1
Sample
14cd6d9cbad80b0e4076212bf7ad937f.exe
Resource
win7-20240221-en
Malware Config
Extracted
stealc
http://okkolus.com
-
url_path
/cf5cbdf706840b3f.php
Targets
-
-
Target
14cd6d9cbad80b0e4076212bf7ad937f.exe
-
Downloads MZ/PE file
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-