General
- Target: 629858754aeb2aa30bfa440445edc9d928b03443f136a9fc7ec9373a1011320d
- Size: 389KB
- Sample: 240715-h82q7axgkc
- MD5: 01bf430eb3aae589ef6d4cdfcaa280b3
- SHA1: 95bcc1885670827f997c657b1d12d81a103015aa
- SHA256: 629858754aeb2aa30bfa440445edc9d928b03443f136a9fc7ec9373a1011320d
- SHA512: 57ac3df464ff3cac3bcf763f964a00790eb13b744159ff9e91e11f87e08cc9c1894308626419283c03f24fc1561d3b7124dbbb11e5ab71cc1bdd173f43415619
- SSDEEP: 6144:blILDyciFkeLnCUcx/IcoN6O2MW60/1oJiTqEfgv+cyTI9n0Q2di8QEO:bMiFHnC59d/15fMuTIn0ni8QEO
Static task: static1
Behavioral task: behavioral1
- Sample: 629858754aeb2aa30bfa440445edc9d928b03443f136a9fc7ec9373a1011320d.exe
- Resource: win10v2004-20240709-en
Malware Config
Extracted
- stealc
- default
- http://85.28.47.101
- url_path: /f3ee98d7eec07fb9.php
Targets
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext