General

Target: bcc5e375823c342120e70f87431cfafec7633f20803af702294eafdc196bc319
Size: 390KB
Sample: 240716-bbn1hazgqf
MD5: bca41517b9bc3177a818620037e328b2
SHA1: a0c335311c7be01e20aecf350a4ead084cccff22
SHA256: bcc5e375823c342120e70f87431cfafec7633f20803af702294eafdc196bc319
SHA512: b006c70b1e8f86277e3715d1ffb106bf2cf05f1b1834eb6e9cc0b02899674e77ee3ed7f0e4abb1f179f58a1f23af70caaaa402f1984ad69f9205dfe11d47b162
SSDEEP: 6144:ahdAzxpL5aUyAUCjZBLnk8OEvK4GJw2NSr4jk3tMVWNdntlKbpmRMuy3leei8IEO:aepUUyOHjK/0riK++P4mRM33Ni8IEO
Static task: static1
Behavioral task: behavioral1
Sample (file): bcc5e375823c342120e70f87431cfafec7633f20803af702294eafdc196bc319.exe
Resource: win10v2004-20240709-en
Malware Config

Extracted family: stealc
Config: default
C2: http://85.28.47.101
url_path: /f3ee98d7eec07fb9.php
Full gate URL (C2 joined with url_path): http://85.28.47.101/f3ee98d7eec07fb9.php
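The indicators above (the file hashes under General and the extracted C2 host and url_path) are what a responder would pivot on first. As an added example that is not part of the sandbox report, the following Python script turns them into two checks: a scan over proxy log lines for requests to the C2 host or the gate path, and a hash comparison for a suspect file. The log line format and every log line are constructed for the example; only the hashes, the host and the path come from the report.

```python
import hashlib
import re
from typing import Dict, List, Optional
from urllib.parse import urlsplit

# Indicators copied from the sandbox report above.
SAMPLE_HASHES = {
    "md5": "bca41517b9bc3177a818620037e328b2",
    "sha1": "a0c335311c7be01e20aecf350a4ead084cccff22",
    "sha256": "bcc5e375823c342120e70f87431cfafec7633f20803af702294eafdc196bc319",
}
C2_HOST = "85.28.47.101"            # extracted Stealc C2
C2_PATH = "/f3ee98d7eec07fb9.php"   # extracted url_path (the gate script)

# Constructed proxy log excerpt for the example (NOT from the report).
# Assumed line format: <timestamp> <client ip> <method> <url> <status>.
# Only the host and path indicators above are real; everything else is made up.
SAMPLE_PROXY_LOG = """\
2024-07-16T02:10:01Z 10.0.0.5 GET http://www.example.com/index.html 200
2024-07-16T02:10:07Z 10.0.0.5 POST http://85.28.47.101/f3ee98d7eec07fb9.php 200
2024-07-16T02:10:09Z 10.0.0.5 GET http://85.28.47.101/ 200
2024-07-16T02:11:30Z 10.0.0.9 POST http://198.51.100.7/f3ee98d7eec07fb9.php 200
this line is malformed and must be skipped, not crash the scan
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+(?P<method>[A-Z]+)\s+(?P<url>\S+)\s+(?P<status>\d{3})$"
)


def classify_url(url: str) -> Optional[str]:
    """Return 'high' when both C2 host and gate path match, 'medium' when only one does.

    A host-only match catches other requests to the C2 (for example a payload
    download). A path-only match is kept because a random-looking gate path
    like this one is unlikely to show up on an unrelated host by chance.
    """
    parts = urlsplit(url)
    host_hit = parts.hostname == C2_HOST   # hostname drops any :port suffix
    path_hit = parts.path == C2_PATH
    if host_hit and path_hit:
        return "high"
    if host_hit or path_hit:
        return "medium"
    return None


def scan_proxy_log(text: str) -> List[Dict[str, str]]:
    """Parse each log line and collect those whose URL matches the C2 indicators."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        m = LOG_RE.match(line)
        if m is None:
            continue  # malformed line: skip it rather than abort the whole scan
        level = classify_url(m["url"])
        if level is not None:
            hits.append({
                "line": str(lineno),
                "src": m["src"],
                "method": m["method"],
                "url": m["url"],
                "level": level,
            })
    return hits


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute the digests the report lists (MD5, SHA1, SHA256) for a file's bytes."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def matches_sample(data: bytes) -> set:
    """Return the set of digest names under which `data` equals the reported sample."""
    digests = hash_bytes(data)
    return {name for name, value in digests.items() if value == SAMPLE_HASHES[name]}


if __name__ == "__main__":
    for hit in scan_proxy_log(SAMPLE_PROXY_LOG):
        print(f"[{hit['level']}] line {hit['line']}: {hit['src']} {hit['method']} {hit['url']}")
    with open(__file__, "rb") as fh:   # hash this script as a stand-in for a suspect file
        print("matches sample under:", matches_sample(fh.read()) or "none")
```

Host and path are scored separately on purpose: the IP in a stealer config is the part operators replace most often, so a hunt that requires both to match will miss the same build talking to a new address, while a host-only rule will keep firing on the C2 after the gate path has been retired.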
Targets

Target: bcc5e375823c342120e70f87431cfafec7633f20803af702294eafdc196bc319 (390KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General above)

Signatures triggered in the behavioral task:

Downloads MZ/PE file
The sample fetched at least one file with an MZ header from the network during the run. Stealc builds are known to pull the DLLs they need for browser-database parsing from the C2 instead of embedding them, which would account for this and the following signature, but the report does not show the download URL, so confirm it against the network capture.

Loads dropped DLL
A DLL written to disk during the run was loaded into a process.

Accesses cryptocurrency files/wallets, possible credential harvesting
Wallet directories or files were read. Given the extracted Stealc config, this is the expected infostealer collection step rather than an incidental file access.

Checks installed software on the system
Looks up Uninstall key entries in the registry (HKLM and HKCU under Software\Microsoft\Windows\CurrentVersion\Uninstall) to enumerate software on the system.

Suspicious use of SetThreadContext
SetThreadContext is the API used to redirect a thread's execution in process hollowing and thread-hijacking injection. The report does not name the target process, so treat this as an injection indicator to be confirmed in the process tree, not as evidence of a specific technique.