General
-
Target
stub.exe
-
Size
39.1MB
-
Sample
240606-hjc2jabf84
-
MD5
ceac7c6f3ef1dd5ed484339140ec4b29
-
SHA1
dd3e4dc76baf79a350ab81c3a41a8d60603cf2b6
-
SHA256
1d148bae80213f195da2521cd6a1d16f0d595d534dbf62c29a942fa2afc53894
-
SHA512
1f26e8a702b0ae5c106dab38627877b404cc896d021653c9fca0e9feb2b5ce03d814d3a9f760ff43ccfd07174f304651c68f7a650b19344a4f64ce5927ccdcbe
-
SSDEEP
786432:e+gX4BMdhwzTQXR5FbPp6FcSS5U/LT2KzVyPVL9jvzVSH1QtI6a8DZcLlqZi0sx:8XGMK4XR3bLSCU/+6yPlhvhSViIb6pif
Behavioral task
behavioral1
Sample
stub.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
stub.exe
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-