General
-
Target
8fdba4d5009feeceae3e259b1f2421bf2efa3b8eeaa24c2cfbdb594e39f97ac0
-
Size
217KB
-
Sample
240524-s7hl2aba31
-
MD5
1b0b8b80224388930e539cf3708d1f59
-
SHA1
8a500f8b2b33bb4f9925cc13e99bc5597811a039
-
SHA256
8fdba4d5009feeceae3e259b1f2421bf2efa3b8eeaa24c2cfbdb594e39f97ac0
-
SHA512
f914bb89174d2fe8634a277eb5ce4d80057ca8d5da29a6fcc84cb14bf43d7e83d06e822bde3b48e6be81c24218b9f3a62d0b3d04a6922268b8e246648a1e7bdd
-
SSDEEP
3072:9uJCEJPkNNhyayt78+0z+HbSBXAikKWR8y2Cn6WJFtUxhrF+Jl5VnOFaHpTk0hJi:yJMNnyBfckrb8y2Cn6gn8fr2
Static task
static1
Behavioral task
behavioral1
Sample
8fdba4d5009feeceae3e259b1f2421bf2efa3b8eeaa24c2cfbdb594e39f97ac0.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
stealc
default11
http://185.172.128.170
-
url_path
/7043a0c6a68d9c65.php
Targets
-
-
Target
8fdba4d5009feeceae3e259b1f2421bf2efa3b8eeaa24c2cfbdb594e39f97ac0
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-