General
-
Target
123
-
Size
8.2MB
-
Sample
240923-zwkqkstflh
-
MD5
f675e62581b09ecb840416233c8460bc
-
SHA1
b7a42ed4a3f13d13905d910f02147d8bdc040b2b
-
SHA256
b4fed30b7d5c533ae1a553607630badbdc10aeacb612ff996e919d014bc2313c
-
SHA512
3bebe82737757c606356cab8877aa7ece5304f7eebbff1695bc4f20502e981d9ce4551ad3492f7c5580bd06d94cd63cd70a8706d24e73ae52e55e38f0f9b9a8a
-
SSDEEP
196608:ZEI9eJx7jQ/b7NuD4VuRS79tcM6vJKjJQQcrgUEr0NFMx3BWhp6D:ZEI9eXQ/b7NuD4VuRS79tczvJJQcrPEL
Behavioral task
behavioral1
Sample
123.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
123.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
stealc
benjiworld9
http://5.188.86.71
-
url_path
/05feb00efef399f8.php
Targets
-
-
Target
123
-
Detects HijackLoader (aka IDAT Loader)
-
Deletes itself
-
Suspicious use of SetThreadContext
-