General
-
Target
8da8520fa5bda5733494fff2abf0242448fdb52e5d1bae55cc66a74d7702f956
-
Size
212KB
-
Sample
240523-ebbxqach89
-
MD5
2e72584abaef6cb1adf8b8fa18ca6175
-
SHA1
9b0efe635a4bac9ebc6f0636393e4f98f5dd6c5e
-
SHA256
8da8520fa5bda5733494fff2abf0242448fdb52e5d1bae55cc66a74d7702f956
-
SHA512
106895c867b963ded0b59e36122ff0ba4da1d59b03370049c006e02fa3b0f966e7be859f9d7b1667165bfd73f3c1637840670784ae4c5eca3ecda70ea0f12f28
-
SSDEEP
3072:/sC2EVwnBBsiBpJbEm3A7PrWnMIJglfqrY2Z6+Oswwq4GRHcaWZ3sUsyUIIUslhJ:VO3XMr9guHVwUylsTNk0fz
Static task
static1
Behavioral task
behavioral1
Sample
8da8520fa5bda5733494fff2abf0242448fdb52e5d1bae55cc66a74d7702f956.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
stealc
default11
http://185.172.128.170
-
url_path
/7043a0c6a68d9c65.php
Targets
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-