General
-
Target
046bda63daa8c10bfc47787cc10c27b6ef3060334e352c0ad41a03cee8d06916
-
Size
308KB
-
Sample
240523-fqe4csef59
-
MD5
e0121a3727efebd8665f7b82baba45f7
-
SHA1
4d9e1794e19bc567797559439c4893310605c4cf
-
SHA256
046bda63daa8c10bfc47787cc10c27b6ef3060334e352c0ad41a03cee8d06916
-
SHA512
1f4e655ea1feb9f9d759a96399e45c6001ce51c7cf6fe3743419b46b23362869fd705b668926faccaf4a09e7fb7218b8ac105422d51f6df9a2679104ddeba177
-
SSDEEP
3072:s0lcIT6fvR8FX83Ao2df3/m5mHG2J6FzuiHqErv6u5cwpijU0:s0lcw6d2pm5mTqqs6s
Static task
static1
Behavioral task
behavioral1
Sample
046bda63daa8c10bfc47787cc10c27b6ef3060334e352c0ad41a03cee8d06916.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
stealc
default11
http://185.172.128.170
-
url_path
/7043a0c6a68d9c65.php
Targets
-
-
Target
046bda63daa8c10bfc47787cc10c27b6ef3060334e352c0ad41a03cee8d06916
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-