General
Target: 740205e16d72f4be3564a9553da3b96b2cf6599d90b355b5f3d0dce53e0a3b34
Size: 389KB
Sample: 240715-hv5kxsxbjc
MD5: 88f1c45c10626215b990db75d337ef26
SHA1: cc7ed5e29c9928655cdf0f1fc0266083f13e0774
SHA256: 740205e16d72f4be3564a9553da3b96b2cf6599d90b355b5f3d0dce53e0a3b34
SHA512: 1b757407f6d7032c553f97759573faab3fe933519b68512dd2618f390c3dad2e6558ff0c845c387636bd61f6639ef7eabe318a31d709c77b45c3807c076e99d3
SSDEEP: 6144:AF2qRcEtSqH6rC8sRA8WBZY/OEMW64rqUIKivc6hWLwT7X991VAaGpPdE2di8cEO:A5tS7rCxMMu/KIcqwW7N9ri3i8cEO
Static task: static1
Behavioral task: behavioral1
Sample: 740205e16d72f4be3564a9553da3b96b2cf6599d90b355b5f3d0dce53e0a3b34.exe
Resource: win10v2004-20240709-en

Malware Config
Extracted
Family: stealc
Botnet: default
C2: http://85.28.47.101
url_path: /f3ee98d7eec07fb9.php

Targets
Downloads MZ/PE file
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext