General
Target: ca88d3fce100429498cd5c77a448af39969d6d9613a6471c2b0aeed337bdd20b
Size: 329KB
Sample: 240603-gwe6zsec2t
MD5: 91d8b52e4e69f329372d2a01b2b671be
SHA1: 4877e9042cc178ccd012307ac87c11f4451d8add
SHA256: ca88d3fce100429498cd5c77a448af39969d6d9613a6471c2b0aeed337bdd20b
SHA512: 98b2581d9299697a1e7d8368d048254134ae41a549674e52b91e9c955322020a9bc049aa81abd4748c9488aa8f79c0335dc961675c7449b8004e7c19de6dacda
SSDEEP: 3072:WcqjPeF9BPqwaKKZWwT0iLYRJ+1NU0IbUGvBYYgTKt0+FYqPY09MNckBJ5D/79X+:tF996DTBu9v4KtTFzPToD/79XndeTn
Static task: static1
Behavioral task: behavioral1
Sample: ca88d3fce100429498cd5c77a448af39969d6d9613a6471c2b0aeed337bdd20b.exe
Resource: win7-20240220-en
Malware Config
Extracted: stealc
default12
http://185.172.128.170
url_path: /7043a0c6a68d9c65.php
Targets
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.