General
Target: 257585d191281c0de2a51601751a5f7fdfe9256378004ffcf088b46e299aa760.zip
Size: 356KB
Sample: 241019-dn3erstdph
MD5: c443b3fe7443cf5db3c63da04ba9d67c
SHA1: 1078df66f94b5f176a4974cc860c4e3a54301fca
SHA256: 07e7cdf3cf400fac3c0c5300f08db02ceae216d8b9abd9ec2c3d596ab7757bc9
SHA512: b2dc63294db7693890f41711e0c891bfc5f9d56cbfc8ca5578859f971444c826d41c3ffd77e51645643a49ae2dbbb0fc33be512d0eeae42b584a66767f2fd827
SSDEEP: 6144:+G4ySoYG+U8U/46OPsC1NVtiJ/BmsEoytbG3YHeurpZlvINYOgl/MYYA0M9gy6hL:+G4y5YF246OUC1NDiCJGIH7rLlca+YYt
Static task: static1
Behavioral task: behavioral1
  Sample: 257585d191281c0de2a51601751a5f7fdfe9256378004ffcf088b46e299aa760.exe
  Resource: win7-20241010-en
Behavioral task: behavioral2
  Sample: 257585d191281c0de2a51601751a5f7fdfe9256378004ffcf088b46e299aa760.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 257585d191281c0de2a51601751a5f7fdfe9256378004ffcf088b46e299aa760
Size: 786KB
MD5: 7bc285d267f39aa6023800705d50005f
SHA1: 2146bf7ea2085f8cc7d0a506dd391033ad88855a
SHA256: 257585d191281c0de2a51601751a5f7fdfe9256378004ffcf088b46e299aa760
SHA512: 99a7ca422f8748dac0d6846c956a6e050579d3882bbd82d0aee136349e257e16dce5fb26c2b45e29f411e20ec6380544d1b82b24d020eac5e63c0e1afbeeff86
SSDEEP: 12288:b3aVasryJ7+delmjBRQlM2MHL7YLWwPrB+5H9FpK6SGxm1KXL+Yevh9GMlXEti:b3aVas+J7+delmjXyIViB+LFp5GY/t
Score: 7/10
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Credentials from Password Stores: Windows Credential Manager: suspicious access to Credentials History.
- Accesses cryptocurrency files/wallets, possible credential harvesting.
- Enumerates processes with tasklist.