General
Target: 01eea1c612f5b1552e0c7e4fa4f53b58339f1bdbac5055d717a5d2fdb4272ccf.exe
Size: 3.5MB
Sample: 240716-rhrb7swfrq
MD5: cbc018a005962da8c30c9d42bec99a40
SHA1: 741ccfeea32c4e20b697b0d1e18f0107aefc7930
SHA256: 01eea1c612f5b1552e0c7e4fa4f53b58339f1bdbac5055d717a5d2fdb4272ccf
SHA512: 2e9ec85ae686e2660df5a5079413006598c2c16c2e8b59c224c0e044c365a1f90d87fe946478ea10c54b3e31c05e5723a2befb3270457cb7481bb31910c66859
SSDEEP: 49152:CR/KpmZubPf2S8W2ILeWl+C1Z9jWy5Snd0eigXNu5vlM:k/jtYLP1Cy5E0zFlM
Static task: static1
Behavioral task: behavioral1
Sample: 01eea1c612f5b1552e0c7e4fa4f53b58339f1bdbac5055d717a5d2fdb4272ccf.exe
Resource: win7-20240708-en
Malware Config
Extracted
stealc
default
http://5.230.253.197
url_path: /46ea3ef0390e13b4.php
Targets
-
-
Target
01eea1c612f5b1552e0c7e4fa4f53b58339f1bdbac5055d717a5d2fdb4272ccf.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-