General
Target: App6.exe
Size: 20.9MB
Sample: 240618-xcjytsycrq
MD5: 4d8c25236bbf32d9470f3ab7316e1652
SHA1: 0662ccfb31aa070718a84ab0e591851c72ec1c27
SHA256: be4b7ce185c2ae9640894b97e30b3faa9d99794560638fcbd04935b5f74d6e4d
SHA512: 9174858839fbde8788d5423097c0147e469e107cb96ebbc22033e2a753e3b9b6c8ad3fda9512a4f8157025b1702e486cdf0c67d70bc974543b9aae6ef561e823
SSDEEP: 393216:CEkZQtss27DNL01+l+uq+VvbW+eGQRg93iObIhRS/PcLzrq+6oAd8XTN:ChQtsBB01+l+uqgvbW+e5R49MhR+c/em
Behavioral task: behavioral1
Sample: App6.exe
Resource: win7-20231129-it
Malware Config
Targets
Target: App6.exe (20.9MB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
- Drops startup file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.