General
Target: Set-up.exe
Size: 6.3MB
Sample: 240910-aaz6psxalr
MD5: 3406055d6c38b0219192413e4cd18a2b
SHA1: 80be1c096353caae8b01182b39df81191ae7924f
SHA256: 008363271c52663213d521af1a6c9cf1b9e2d4be17a629ff6079a69e796236c8
SHA512: 077c2fe82e5093b5bd3912ffb307495c3a58e03b2eb4c5003c30e07b0bf41012d695c1525b4ff138c9a0e4427b70a6732873b17aa5c06cf830ab56e0fa7d6311
SSDEEP: 98304:ui+pBnmP/EW4Cz1NEG7NWOxUFXjn+xjYQEaTZFBHSbKu0:uRTW4Cy4NwneLEaTZFBHfu0
Static task: static1
Behavioral task: behavioral1
  Sample: Set-up.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: Set-up.exe
  Resource: win10v2004-20240802-en
Malware Config (extracted)
cryptbot
  fiftv15pn.top
  analforeverlovyu.top
  url_path: /v1/upload.php
Targets
Target: Set-up.exe
Size: 6.3MB
Score: 10/10
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious access or copy of web browser credential store.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.