General
-
Target
039f5c692ba1c67c6e9b475738f40f4311e5e5625e4390d5e51685f6b4e548b8
-
Size
6.3MB
-
Sample
240907-pd1c7stgkg
-
MD5
45b55d1e5d2bf60cc572f541ae6fa7d1
-
SHA1
2329f56147a299bcdbf20520e626cc8253e49a8d
-
SHA256
039f5c692ba1c67c6e9b475738f40f4311e5e5625e4390d5e51685f6b4e548b8
-
SHA512
5483964e050b2be073d3cf966b6dd6271556d4adfb420fb9ecf81f42f27cd06727016292dceb9a282f9fdcb451507309d1a78f58dd5d84e3022c0ea20c58dbe2
-
SSDEEP
49152:rDiHluIUMaBlQkeq99ytafJLHQH9UdaRESvgKQUN7LpNoyuwHw6c+M8rUr+9r:qABlQkeq9gtafJzQdUdatpgwdM8rUr4r
Static task
static1
Behavioral task
behavioral1
Sample
039f5c692ba1c67c6e9b475738f40f4311e5e5625e4390d5e51685f6b4e548b8.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral2
Sample
039f5c692ba1c67c6e9b475738f40f4311e5e5625e4390d5e51685f6b4e548b8.exe
Resource
win11-20240802-en
Malware Config
Extracted
cryptbot
fivev5sb.top
-
url_path
/v1/upload.php
Targets
-
-
Target
039f5c692ba1c67c6e9b475738f40f4311e5e5625e4390d5e51685f6b4e548b8
-
Size
6.3MB
-
MD5
45b55d1e5d2bf60cc572f541ae6fa7d1
-
SHA1
2329f56147a299bcdbf20520e626cc8253e49a8d
-
SHA256
039f5c692ba1c67c6e9b475738f40f4311e5e5625e4390d5e51685f6b4e548b8
-
SHA512
5483964e050b2be073d3cf966b6dd6271556d4adfb420fb9ecf81f42f27cd06727016292dceb9a282f9fdcb451507309d1a78f58dd5d84e3022c0ea20c58dbe2
-
SSDEEP
49152:rDiHluIUMaBlQkeq99ytafJLHQH9UdaRESvgKQUN7LpNoyuwHw6c+M8rUr+9r:qABlQkeq9gtafJzQdUdatpgwdM8rUr4r
Score10/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-