General
- Target: FlazeAllV1.exe
- Size: 20.0MB
- Sample: 240605-wc9c2sdc8t
- MD5: 6ef1499851e7f3c2c832716ee14fe54a
- SHA1: 06922c2148f10f2579b15235dfd668d78ff80f53
- SHA256: 82096f816cf0825c119c9b58d1ffad32f78bed20a8ca76ed287370abe2921260
- SHA512: d26adb173415a3d5c0404d8683c5427b8cbf48802bf54af0850e5aa9f7860c5c394aba7a8e0b260511f429623bfba7931a9cb70f4952003e200fc80151d7839c
- SSDEEP: 393216:dcEkZQtsumL01+l+uq+Vvz1+TtIiFqCuARuAQhFXmbarkEWL60gMv86C:dchQtsD01+l+uqgvz1QtI1CuAgh8aAEB
Behavioral task: behavioral1
- Sample: FlazeAllV1.exe
- Resource: win7-20240221-en
Malware Config
Targets
- Target: FlazeAllV1.exe
- Drops startup file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.