General
-
Target
1cd6642c95b6f846b7c8b336c782278d3bed41919d1413796c11054d3d35f35d
-
Size
261KB
-
Sample
240507-3v6hfafb3z
-
MD5
be8d18f7f229dfc2ecc8d6880854303e
-
SHA1
5a06f96e84d5e03181a05d6629c1756c4b2d3bd6
-
SHA256
1cd6642c95b6f846b7c8b336c782278d3bed41919d1413796c11054d3d35f35d
-
SHA512
894778c4c961e37af9ddd2a3aa1c0e4633dcdf23bbfdab7d9502d14b726d9194129cc8938b4343e0afc9f5d422c67f3b96957894fb8cacbf0780f0e832ed3150
-
SSDEEP
3072:uHZrIKG5RFXH4eosbhDykkaM4v5aR5Dsui6myYDWA7k4Bmjl7ky5pVN8c3Gh:u5rIZZ3Y8Nykk1o5a3suiyVceF5mh
Static task
static1
Behavioral task
behavioral1
Sample
1cd6642c95b6f846b7c8b336c782278d3bed41919d1413796c11054d3d35f35d.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
stealc
http://185.172.128.151
-
url_path
/7043a0c6a68d9c65.php
Targets
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.