General
-
Target
ecaa6655bef1c90bf1fa78e326b9df7561a7df156315f1ce1abef710ea925104
-
Size
266KB
-
Sample
240507-sylmbsdb31
-
MD5
6bab6de801426725e2bfb5fe5e618be3
-
SHA1
a95566e6494f403bee7ba8f87740afb7b2390a71
-
SHA256
ecaa6655bef1c90bf1fa78e326b9df7561a7df156315f1ce1abef710ea925104
-
SHA512
6e9940f12e2bca37d3df5e35627a013a42229a5a91c6393a712f955e3450b0edd4dbb161c43b61905a0e16e778d91a5880d9e2e65958c09b77252e117c6cb101
-
SSDEEP
1536:WjX8O4GZcRzBrMe2VTP4koi0c9f9IMwua2yPr50h4p5n49VCabAuXDOvP8Vy89hP:Wg74Yi0kfugviqdNbhuPR4t5f2hLU
Static task
static1
Behavioral task
behavioral1
Sample
ecaa6655bef1c90bf1fa78e326b9df7561a7df156315f1ce1abef710ea925104.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
stealc
http://185.172.128.150
-
url_path
/c698e1bc8a2f5e6d.php
Targets
-
-
Target
ecaa6655bef1c90bf1fa78e326b9df7561a7df156315f1ce1abef710ea925104
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-