General
Target: 8d1a21cdb8b4876b5cd4841030fd8faa6501dfca19cc724f27e5136815e918f7
Size: 218KB
Sample: 240524-ppsgqsca63
MD5: 788ddda979da4906434eaa42be724bbc
SHA1: dea2d2276d0c0ef5b092ec7e8422bae689b77762
SHA256: 8d1a21cdb8b4876b5cd4841030fd8faa6501dfca19cc724f27e5136815e918f7
SHA512: 06d9a8d7a86e80e6c9aa9c725cdd45eba0d98c64292da82eef214656f88224970f988844cf1af0c646f0be24ed363cccae08f0f71a48d9c87a40e52f7cea92f4
SSDEEP: 3072:Au5nshwhCIjVDGiPUl+4BhD+VaYpV4ovhOBIJeOVPBgoud32v92dFQKy:PshgxBPUF6t4s2ieOVPmoud3N7
Static task: static1
Behavioral task: behavioral1
Sample: 8d1a21cdb8b4876b5cd4841030fd8faa6501dfca19cc724f27e5136815e918f7.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
Family: stealc
default11
http://185.172.128.170
url_path: /7043a0c6a68d9c65.php
Targets
Target: 8d1a21cdb8b4876b5cd4841030fd8faa6501dfca19cc724f27e5136815e918f7
Size: 218KB
MD5: 788ddda979da4906434eaa42be724bbc
SHA1: dea2d2276d0c0ef5b092ec7e8422bae689b77762
SHA256: 8d1a21cdb8b4876b5cd4841030fd8faa6501dfca19cc724f27e5136815e918f7
SHA512: 06d9a8d7a86e80e6c9aa9c725cdd45eba0d98c64292da82eef214656f88224970f988844cf1af0c646f0be24ed363cccae08f0f71a48d9c87a40e52f7cea92f4
SSDEEP: 3072:Au5nshwhCIjVDGiPUl+4BhD+VaYpV4ovhOBIJeOVPBgoud32v92dFQKy:PshgxBPUF6t4s2ieOVPmoud3N7
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.