General
-
Target
9211154f8bd85ce85c52cfe91538e6ba2a25704b6efb84c64460ba4da20fa1a9
-
Size
363KB
-
Sample
241010-b9frsazcmr
-
MD5
dc860de2a24ea3e15c496582af59b9cb
-
SHA1
10b23badfb0b31fdeabd8df757a905e394201ec3
-
SHA256
9211154f8bd85ce85c52cfe91538e6ba2a25704b6efb84c64460ba4da20fa1a9
-
SHA512
132dad93963cd019fa8fc012f4c780d2ab557e9053afe3f7d4334e247deb77c07bb01c8c5f9c05e9c721d3fe8e6ec29af83b7bb7bf1ad925fae7695ed5cfc3db
-
SSDEEP
6144:iUwFzqlqyEURK9rod9/or4txXZ1l4PyT6qdgNkwhjfdnw/omUS29zf7PT:zwFzqsynqM/M4tLw6DgNkQjfdwAZDPT
Static task
static1
Behavioral task
behavioral1
Sample
9211154f8bd85ce85c52cfe91538e6ba2a25704b6efb84c64460ba4da20fa1a9.exe
Resource
win7-20240903-en
Malware Config
Extracted
stealc
default
http://95.217.96.249
-
url_path
/bc00174e4ec6d418.php
Targets
-
-
Target
9211154f8bd85ce85c52cfe91538e6ba2a25704b6efb84c64460ba4da20fa1a9
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-