General
- Target: 4a35a138535b3db43de48e1d934ea777ec9345a3e8f8553a2851fe34c6818cb6
- Size: 275KB
- Sample: 240507-2qnw6acc51
- MD5: 3683ae86d09d7c4b3c713ebc9d909d77
- SHA1: ad2e2254b65258c7082e174d08fe9dee7152f4eb
- SHA256: 4a35a138535b3db43de48e1d934ea777ec9345a3e8f8553a2851fe34c6818cb6
- SHA512: 1e15f6e45bb615d20558794cda09d14592682265136dd0519464fdd6a1671fde46924e4b05046d2afc2be6d670471cef4c3cd77c36ad7686fb2a46c8d32c49ef
- SSDEEP: 3072:U5kqQ8yha9EldS5U/DKelgaa+LVafohkRf5jMyS5E:H839EldS2LKkajMgDo
Static task
static1
Behavioral task
behavioral1
Sample
4a35a138535b3db43de48e1d934ea777ec9345a3e8f8553a2851fe34c6818cb6.exe
Resource
win7-20240215-en
Malware Config
Extracted
stealc
http://185.172.128.151
- url_path: /7043a0c6a68d9c65.php
Targets
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.