General
-
Target
L1xkp63.exe
-
Size
6.9MB
-
Sample
240620-selszstcqf
-
MD5
211d7a5a4a6e3b776bc787e807420046
-
SHA1
836571b3b5e5193a4ba13d1e3f30546bac3183c7
-
SHA256
5d6348fe77a9b9e274c5b81788c72a59e59dfca307516b3d23dc2f77e0501b1c
-
SHA512
ea56ba4199f62c01ffa9a528bfc0a6c0943a4fd596293a6eac1144e5e3ed952beafb03eb7a47941b93eb876043762836d32f41228983daf3ebbf9083b28c6e7f
-
SSDEEP
98304:Y5DjWM8JEE1rQcamaHl3Ne4i3Tf2PkOpfW9hZMMoVmkzhxIdfXeRGYKJJcGhEIF1:Y50AdeNTfm/pf+xk4dWRGtrbWOjgWyM
Behavioral task
behavioral1
Sample
L1xkp63.exe
Resource
win11-20240611-en
Malware Config
Targets
-
Target
L1xkp63.exe
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-