General
-
Target
d66068e58afeab602eb1b39d83e87631eb976e0a45294246939edb99b220d6ab
-
Size
412KB
-
Sample
240625-dhy56axdjc
-
MD5
f7a05e1d6cf2e58ff43ca6bbf36a0fe9
-
SHA1
9f4734e6da455c5d1c46e14dd14a52801d23cf81
-
SHA256
d66068e58afeab602eb1b39d83e87631eb976e0a45294246939edb99b220d6ab
-
SHA512
cb808a891f66b26717676167cec3e131a6a7efacc60f3d45d307378cb577ba6d112a449186317fed66c175e802925373cf63de0eac21019be6502a18719e8e82
-
SSDEEP
12288:cY/FYC54gDW4b0O6AvUeSx9eno8IsGJmoLt4EO:ZP4gqe36A8eK9Uy4t
Static task
static1
Behavioral task
behavioral1
Sample
d66068e58afeab602eb1b39d83e87631eb976e0a45294246939edb99b220d6ab.exe
Resource
win7-20240508-en
Malware Config
Extracted
stealc
default
http://147.45.47.163
-
url_path
/eb6f29c6a60b3865.php
Targets
Target
d66068e58afeab602eb1b39d83e87631eb976e0a45294246939edb99b220d6ab
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-