General
Target: 0b14c4daa7ba75f1d9314d767aa7b478.exe
Size: 2.0MB
Sample: 241031-1ba63stglm
MD5: 0b14c4daa7ba75f1d9314d767aa7b478
SHA1: 9509a57295b4281049590eee13966762500c98db
SHA256: 575a60ffb764409c924db6e0f5e8ceeafa894f597b0856720af05b53ad55569c
SHA512: 4b79be94209fe1b15f25610034c34d97328c845a6567b0074d4f55a940b82c5dc4cc306779f89dfcffbf36e58a2320225b3ad8e889b85e5e06422f32893e1e8a
SSDEEP: 49152:UZtoStEKWwhxyT0ofvgWVe3187VvIW0aTvEtUt:0zyAWFV9VY6EtUt
Static task: static1
Behavioral task: behavioral1
Sample: 0b14c4daa7ba75f1d9314d767aa7b478.exe
Resource: win7-20241010-en

Malware Config
Extracted
Family: stealc
Botnet: default
C2: http://213.159.79.103
url_path: /c619c3a3bc843eb0.php
Targets
Target: 0b14c4daa7ba75f1d9314d767aa7b478.exe
Size: 2.0MB
MD5: 0b14c4daa7ba75f1d9314d767aa7b478
SHA1: 9509a57295b4281049590eee13966762500c98db
SHA256: 575a60ffb764409c924db6e0f5e8ceeafa894f597b0856720af05b53ad55569c
SHA512: 4b79be94209fe1b15f25610034c34d97328c845a6567b0074d4f55a940b82c5dc4cc306779f89dfcffbf36e58a2320225b3ad8e889b85e5e06422f32893e1e8a
SSDEEP: 49152:UZtoStEKWwhxyT0ofvgWVe3187VvIW0aTvEtUt:0zyAWFV9VY6EtUt

Signatures
- Stealc family
- Downloads MZ/PE file
- Loads dropped DLL
- Unsecured Credentials: Credentials In Files
  Steals credentials from unsecured files.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.