General
-
Target
ee3c5b8ce2a5b1d40648fb75dd04df8bf6809c502911ddad87830a5b93253229
-
Size
265KB
-
Sample
240507-mkezqseh55
-
MD5
eeb8bf563a205225145140f3cd2de0f6
-
SHA1
6cb88d794e216abba97465a0e6eca264820bd69f
-
SHA256
ee3c5b8ce2a5b1d40648fb75dd04df8bf6809c502911ddad87830a5b93253229
-
SHA512
8b126db244a0b50df0f438b2f517ef4adf72b96f982ca006ef0751655796d1274004ff2dce40d9bb96e982dc6d960455253a71e299e3a2f2be6cc8c283a45d20
-
SSDEEP
3072:Ya7BsB9EH3hSip4Jm4GDOu1QMFcKE3Gz5mpuQxK:YyXoipig51zUpuM
Static task
static1
Behavioral task
behavioral1
Sample
ee3c5b8ce2a5b1d40648fb75dd04df8bf6809c502911ddad87830a5b93253229.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
stealc
http://185.172.128.150
-
url_path
/c698e1bc8a2f5e6d.php
Targets
-
Target
ee3c5b8ce2a5b1d40648fb75dd04df8bf6809c502911ddad87830a5b93253229
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-