General
-
Target
61c0a64bfe9888a239b36e6ff9ca4a146a16cf8a8a6cea73c192294e95c60c19.exe
-
Size
1.0MB
-
Sample
240517-msbmaaeb6x
-
MD5
0340a002bf0a8c4a243f4bbef0834236
-
SHA1
71721084d269c34ebafc424d8b0234ded561572d
-
SHA256
61c0a64bfe9888a239b36e6ff9ca4a146a16cf8a8a6cea73c192294e95c60c19
-
SHA512
9acd257f77e7884b167cb702b8c47d26d533d07d0cef76b7eca0edc03cd7e0ecd7e17947142d42ed242f2eecab12fa20cb7a6e684f4c81362a23ab84e4971e57
-
SSDEEP
24576:lMw+WkUCBvydcz3A8INztR7C2GcyKSaEo3hSWnkMLbiQ8zLvMM2ZkhG:lMw+WCBvCUA8CS3K1LxSWnkUbi3dMkhG
Static task
static1
Behavioral task
behavioral1
Sample
61c0a64bfe9888a239b36e6ff9ca4a146a16cf8a8a6cea73c192294e95c60c19.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
61c0a64bfe9888a239b36e6ff9ca4a146a16cf8a8a6cea73c192294e95c60c19.exe
-
Size
1.0MB
-
MD5
0340a002bf0a8c4a243f4bbef0834236
-
SHA1
71721084d269c34ebafc424d8b0234ded561572d
-
SHA256
61c0a64bfe9888a239b36e6ff9ca4a146a16cf8a8a6cea73c192294e95c60c19
-
SHA512
9acd257f77e7884b167cb702b8c47d26d533d07d0cef76b7eca0edc03cd7e0ecd7e17947142d42ed242f2eecab12fa20cb7a6e684f4c81362a23ab84e4971e57
-
SSDEEP
24576:lMw+WkUCBvydcz3A8INztR7C2GcyKSaEo3hSWnkMLbiQ8zLvMM2ZkhG:lMw+WCBvCUA8CS3K1LxSWnkUbi3dMkhG
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-