General
Target: 5f7405deda35553304e76f488596a8930a1ed7763f5b3b5851f76cc759802c2c.exe
Size: 299KB
Sample: 240524-qng52sfe51
MD5: 4b419f1cd647c483b411971db4c72ea3
SHA1: 2e80f66bd98b7d684370221e3acaab5091cb0618
SHA256: 5f7405deda35553304e76f488596a8930a1ed7763f5b3b5851f76cc759802c2c
SHA512: 9c3117f949c7804cbf288b14b4af4d0cc26ceb6a2c7552ac4f58acc04610b335b969f26a4afdf82d1dee7072ce22fdded561011032af9c4e7f6cb3666c9314dc
SSDEEP: 3072:5EgpG+bQGCYcMAohEJ4UpaeZ4r1JVIeX4kd1yoYSF5ONh+m62Ul:5dpb13Aoq4HeSrxI8qSWNh+mS
Static task: static1
Behavioral task: behavioral1
Sample: 5f7405deda35553304e76f488596a8930a1ed7763f5b3b5851f76cc759802c2c.exe
Resource: win7-20231129-en
Malware Config
Extracted
stealc
default11
http://185.172.128.170
url_path: /7043a0c6a68d9c65.php
Targets
Target: 5f7405deda35553304e76f488596a8930a1ed7763f5b3b5851f76cc759802c2c.exe
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-