General
Target: 5b7bf9c087481f9d142d6c5ed53ebd4ea50328d6ff4f02b13b36725b1889981c
Size: 274KB
Sample: 240507-2ygg2scg8t
MD5: 2a2b66a52b2724d7f48f7ee06cf94a01
SHA1: 1fc670533b901f41f448687e77b1b2ddad0f7bba
SHA256: 5b7bf9c087481f9d142d6c5ed53ebd4ea50328d6ff4f02b13b36725b1889981c
SHA512: 87cf130959c006e09f4cc96d676303ce7cee687622b150d221d8eea5e06fb363c934d6bd08c71dbb04fc41cb5b6bcd8a9771687b293ffac7aefaa66750ee6b14
SSDEEP: 3072:/pJ8j0rgWRKOJpNrxeKu5P+anBu8TRPQT2FrnehdQB8IfVOIF1QY71oBca71xnO0:/pRPZPyPTXqUeKB8OEILLE1xnO1w6a
Static task: static1
Behavioral task: behavioral1
Sample: 5b7bf9c087481f9d142d6c5ed53ebd4ea50328d6ff4f02b13b36725b1889981c.exe
Resource: win7-20240221-en
Malware Config
Extracted: stealc
http://185.172.128.151
url_path: /7043a0c6a68d9c65.php
Targets
Target: 5b7bf9c087481f9d142d6c5ed53ebd4ea50328d6ff4f02b13b36725b1889981c
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.