General
Target: 3edf7cdb9654746ed94d70648413c1d2a3cda5d749c7f4b9aeb8586d7ed7be43
Size: 301KB
Sample: 240507-2mhwqsca7w
MD5: 336147ee2b3fe7f2b0aeb92eefd0212f
SHA1: f0dea776470c506d217a10b964196dba89db769b
SHA256: 3edf7cdb9654746ed94d70648413c1d2a3cda5d749c7f4b9aeb8586d7ed7be43
SHA512: 2e286efcd0430f73bd83e2b550c7bf15b5dc66cb49ccc571828f9911185e3a0b8d24f1c3a706103b455bd7cf461af8cdbb90b1eff3284c96798690cd385f3c92
SSDEEP: 3072:dlg/nR0yNNVRng3TgNd1rJAQZGc4w68nXLeFOm6dOEE3aOq7CP84WDu5caFRdzEL:4R0yNtn+8rAKSLtb38O7WDaGfd
Static task: static1
Behavioral task: behavioral1
Sample: 3edf7cdb9654746ed94d70648413c1d2a3cda5d749c7f4b9aeb8586d7ed7be43.exe
Resource: win7-20240221-en
Malware Config
Extracted family: stealc
C2: http://185.172.128.151
url_path: /7043a0c6a68d9c65.php
Targets
Target: 3edf7cdb9654746ed94d70648413c1d2a3cda5d749c7f4b9aeb8586d7ed7be43
Size: 301KB
MD5: 336147ee2b3fe7f2b0aeb92eefd0212f
SHA1: f0dea776470c506d217a10b964196dba89db769b
SHA256: 3edf7cdb9654746ed94d70648413c1d2a3cda5d749c7f4b9aeb8586d7ed7be43
SHA512: 2e286efcd0430f73bd83e2b550c7bf15b5dc66cb49ccc571828f9911185e3a0b8d24f1c3a706103b455bd7cf461af8cdbb90b1eff3284c96798690cd385f3c92
SSDEEP: 3072:dlg/nR0yNNVRng3TgNd1rJAQZGc4w68nXLeFOm6dOEE3aOq7CP84WDu5caFRdzEL:4R0yNtn+8rAKSLtb38O7WDaGfd

Behavioral signatures
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.