General
Target: BlastedCrack.exe
Size: 549KB
Sample: 240512-vsg33afg6x
MD5: 0321782a20a84473a2bf7204f4b94d49
SHA1: 0232950dfddc20314c4bed9815590191ce31283c
SHA256: f1273b7c08ddef61d8240de5fb61c780575b9330c4868c383076e21a79d03d22
SHA512: 5be35b75c329057f5cd81a532405cc55e5460a2992fc1a7e2585db68750215a80f9b019175d062a45291884da54431fe31f6f1b2daf600c25116857531eef0e5
SSDEEP: 12288:UCQjgAtAHM+vetZxF5EWry8AJGy0wT+t13X2F:U5ZWs+OZVEWry8AFU3X2F

Static task: static1

Behavioral task: behavioral1
Sample: BlastedCrack.exe
Resource: win7-20240221-en
Malware Config
Extracted
44caliber
https://discord.com/api/webhooks/1217779080850706492/4knjig6DiCOeXSkGA1LGWaAo5XXa_s8z91RQ954jqRgqAhjOtgNK-aoBNJU45eHP5Ir2
Targets
Target: BlastedCrack.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-