General
- Target: 5582b042cd5654b5fe130a0ecb5c1e6a4acafc2699e43623625d0ec1393e7439
- Size: 291KB
- Sample: 240507-2v6b1afc87
- MD5: 09cce7e12afde07e856d5b9bd990b945
- SHA1: 69fdc0f8b44a74c3d2230837dd8f921d33be5ad8
- SHA256: 5582b042cd5654b5fe130a0ecb5c1e6a4acafc2699e43623625d0ec1393e7439
- SHA512: 55f479aa7e01174d496f6114d432ab5f6899f8b1b84539fe0f4aa9531f02940ffaa4927a9d6e926b121db1c7a50d8473177f0b9f6b549fc2923c1e361bb4e0dc
- SSDEEP: 3072:Q4vDiILrTSTgbSQ0muEXtQM2VqWTDnwzn9DYsDek55WeqDqu0E5PUiLi:Q4vDikr+ESq3F2wWTzwr90sakie8zf

Static task
- static1

Behavioral task
- behavioral1
- Sample: 5582b042cd5654b5fe130a0ecb5c1e6a4acafc2699e43623625d0ec1393e7439.exe
- Resource: win7-20231129-en

Malware Config
Extracted
- Family: stealc
- http://185.172.128.151
- url_path: /7043a0c6a68d9c65.php
Targets
- Target: 5582b042cd5654b5fe130a0ecb5c1e6a4acafc2699e43623625d0ec1393e7439
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.