General
-
Target
7e68d4a24a9bc37425e889bcd46db8a8.exe
-
Size
15.5MB
-
Sample
241014-zwk2cazgqq
-
MD5
7e68d4a24a9bc37425e889bcd46db8a8
-
SHA1
53a6866b4d764c309b2fe087cd4262515e59225f
-
SHA256
73c00ca06add32392782aa6ff491460c833bbe561faa40d37b8cc9e3bee1bc91
-
SHA512
9a3e7751bb6b5bc20c9dd1d2312a27caf28603fec7c09bb5234b270c6b5ca27f26836bcb9666ee49d0555156728bf25ee8a18fdc098282b771d5a030026af3df
-
SSDEEP
393216:1IncnrPfvzFwlFus4+CAK4rHOMQZMR9ZG:1cqrPzFwTJC54rXuMR
Static task
static1
Behavioral task
behavioral1
Sample
7e68d4a24a9bc37425e889bcd46db8a8.exe
Resource
win7-20240903-en
Malware Config
Extracted
stealc
DELand
http://147.45.41.134
-
url_path
/6666ef0c49c7b2d1.php
Targets
-
-
Target
7e68d4a24a9bc37425e889bcd46db8a8.exe
Downloads MZ/PE file
-
Loads dropped DLL
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-