General
Target: 9e5bf632872b33aba312ae443bf1b2eaa0e8dd33dac27e72a604bb12394c1b73
Size: 275KB
Sample: 240507-l1sp4aea45
MD5: 1c84e4dfaade26a7b2cc1d2e7efcc321
SHA1: 0b3038c2fdd6cd0bed2337d222766c456fbb3d3a
SHA256: 9e5bf632872b33aba312ae443bf1b2eaa0e8dd33dac27e72a604bb12394c1b73
SHA512: 49deed24a5379a22129da529afcc8101e20717b28c4b8ffc1511ad751cd61db8c17ef2ecb50d6874f789b82e6cebfb502bc936a696afab08a4a55835238a39be
SSDEEP: 3072:NBkg97V/FRxfAYCNGFLdwbusci5BPpuQxsexk:gg9R/FRxYYCNidwbu7GxuMHx
Static task: static1
Behavioral task: behavioral1
Sample: 9e5bf632872b33aba312ae443bf1b2eaa0e8dd33dac27e72a604bb12394c1b73.exe
Resource: win10v2004-20240419-en
Malware Config
Extracted
stealc
http://185.172.128.151
url_path: /7043a0c6a68d9c65.php
Targets
Target: 9e5bf632872b33aba312ae443bf1b2eaa0e8dd33dac27e72a604bb12394c1b73
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.