General
Target: 319872f02fc839a91e4e40058b1a93da35d2ee3de5158dc28dfbe89670152b9c
Size: 335KB
Sample: 240507-2j89hsbh2t
MD5: 22b60bb6cb9ad18ab248700845896e2e
SHA1: b86bc99ec8db6365945919caf740164ba391adb3
SHA256: 319872f02fc839a91e4e40058b1a93da35d2ee3de5158dc28dfbe89670152b9c
SHA512: a1e67f0c409ab0b4972d4a870ebd3c0a7cdec3b7a889b6d26a94a4534cfc75048d2893c6da926e68294521e510bd4e271b53e6b794efb5abfc2f6082a6d9f709
SSDEEP: 6144:jOg8gpsNcCpaVUdosH50ZgoELI5eL10Whqi:jOg8gKcaBl68IsCi
Static task: static1
Behavioral task: behavioral1
Sample: 319872f02fc839a91e4e40058b1a93da35d2ee3de5158dc28dfbe89670152b9c.exe
Resource: win7-20240221-en
Malware Config
Extracted
stealc
http://185.172.128.151
url_path: /7043a0c6a68d9c65.php
Targets
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.