General

Target: [GLeaks.pro] slinkyloader.rar
Size: 24.3MB
Sample: 241108-q2jwsswkdq
MD5: 364e700b6fc9de6d47928a58d04ea0e4
SHA1: 088c0d0a290e908850eae58f9ca25a4cbc59dcad
SHA256: b23f7797a193606d9e048d3918f617c395b29fce757667ef10606b5a5c326a2b
SHA512: 5b2ba8ff2cc567288cf7fbb3a3af5e406b82528a54d204a48de8044d7490a3e12f34d423e06a095aac9433531d5a208531fdfe60c8514cc1b9826c0172e94bed
SSDEEP: 393216:yP0LLlaUzqg0FY9Ril4S6vZddPumE7ztts4WicI7+M1tVY25EQ+tnKZE7HoT:aElzqBY9RM4SKHdPumd4nl1bqCJ+hza
Malware Config

Targets

Target: slinkyloader.rar
Size: 24.3MB
MD5: 1d38a7add2ab781c4329dfac40db8ebd
SHA1: cdf83be3a50bbb7fdbd41af8a30e3bdad667220b
SHA256: f7e8f8344bae80105831cd118ace3cdc3b90a5f191e4cde5b734690cd60bae3d
SHA512: 3eb082d79eabafd488906351562520fa72433a24317e7ad0cfc0d89776fe85f047b4372c4d01b52ed0b6002a2c2adc3e8d77ad9dbc1f0dbcd8c3f0835e03d278
SSDEEP: 393216:5P0LLlaUzqg0FY9Ril4S6vZddPumE7ztts4WicI7+M1tVY25EQ+tnKZE7Ho6:BElzqBY9RM4SKHdPumd4nl1bqCJ+hzv
Signatures

- Executes dropped EXE: runs an executable that the sample itself wrote to disk.
- Loads dropped DLL: loads a DLL that the sample itself wrote to disk.
- Unsecured Credentials: Credentials In Files (ATT&CK T1552.001): reads credentials stored in unprotected files on disk.
- Accesses cryptocurrency files/wallets, possible credential harvesting: touches wallet files or wallet application data.
- Looks up external IP address via web service: queries a legitimate IP-lookup service to learn the infected host's public IP.
- Enumerates processes with tasklist (ATT&CK T1057): spawns tasklist to list running processes.
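The signatures above are verdicts a sandbox derives from a raw event trace. The following is an added example, not part of the sandbox report or its rule set: a small evaluator that re-derives all six signatures from a constructed trace. The event schema, the credential-file and wallet-path patterns and the list of IP-lookup hosts are assumptions chosen for illustration; note that "dropped" only counts files the sample's own process tree wrote earlier in the trace, so a system binary such as notepad.exe never fires the dropped-EXE rule.

```python
# Added example (not the sandbox's own code): re-derive the report's behavioural
# signatures from a chronological event trace. Event schema, path patterns and
# host list below are assumptions made for this illustration.
import fnmatch
import ntpath

# Signature names exactly as the report lists them.
EXEC_DROPPED_EXE = "Executes dropped EXE"
LOAD_DROPPED_DLL = "Loads dropped DLL"
CREDS_IN_FILES = "Unsecured Credentials: Credentials In Files"
WALLET_ACCESS = "Accesses cryptocurrency files/wallets, possible credential harvesting"
EXTERNAL_IP_LOOKUP = "Looks up external IP address via web service"
TASKLIST_ENUM = "Enumerates processes with tasklist"

# Assumed rule data (real public IP-lookup services; path patterns are illustrative).
IP_LOOKUP_HOSTS = {"api.ipify.org", "ipinfo.io", "checkip.amazonaws.com",
                   "icanhazip.com", "ifconfig.me", "ip-api.com"}
CREDENTIAL_FILE_GLOBS = ("*password*", "*credential*", "logins.json",
                         ".git-credentials", "_netrc", "*.rdp")
WALLET_PATH_FRAGMENTS = ("wallet.dat", "\\electrum\\wallets\\", "\\exodus\\",
                         "\\ethereum\\keystore\\")


def _norm(path):
    """Case-fold a Windows path so comparisons are case-insensitive, as NTFS is."""
    return path.replace("/", "\\").lower()


def evaluate(events):
    """Walk a chronological trace and return the sorted list of triggered signatures.

    events: dicts with a 'type' key of file_write/file_read (path), process_create
    (image, cmdline), image_load (image) or dns (host). Every process in the trace
    is treated as part of the sample's tree, which is how a sandbox scopes a verdict.
    """
    dropped = set()   # paths written so far; only these count as "dropped"
    hits = set()
    for ev in events:
        kind = ev["type"]
        if kind == "file_write":
            dropped.add(_norm(ev["path"]))
        elif kind == "process_create":
            image = _norm(ev["image"])
            if image in dropped and image.endswith(".exe"):
                hits.add(EXEC_DROPPED_EXE)
            if ntpath.basename(image) == "tasklist.exe":
                hits.add(TASKLIST_ENUM)
        elif kind == "image_load":
            image = _norm(ev["image"])
            if image in dropped and image.endswith(".dll"):
                hits.add(LOAD_DROPPED_DLL)
        elif kind == "file_read":
            path = _norm(ev["path"])
            name = ntpath.basename(path)
            if any(fnmatch.fnmatchcase(name, g) for g in CREDENTIAL_FILE_GLOBS):
                hits.add(CREDS_IN_FILES)
            if any(frag in path for frag in WALLET_PATH_FRAGMENTS):
                hits.add(WALLET_ACCESS)
        elif kind == "dns":
            if ev["host"].lower() in IP_LOOKUP_HOSTS:
                hits.add(EXTERNAL_IP_LOOKUP)
    return sorted(hits)


# Constructed trace, shaped like what a sandbox agent would log for such a sample.
SAMPLE_TRACE = [
    {"type": "file_write",     "path": r"C:\Users\Admin\AppData\Local\Temp\stage2.exe"},
    {"type": "file_write",     "path": r"C:\Users\Admin\AppData\Local\Temp\helper.dll"},
    {"type": "process_create", "image": r"C:\Users\Admin\AppData\Local\Temp\stage2.exe",
     "cmdline": "stage2.exe"},
    {"type": "image_load",     "image": r"C:\Users\Admin\AppData\Local\Temp\HELPER.DLL"},
    {"type": "file_read",      "path": r"C:\Users\Admin\.git-credentials"},
    {"type": "file_read",      "path": r"C:\Users\Admin\AppData\Roaming\Bitcoin\wallet.dat"},
    {"type": "dns",            "host": "api.ipify.org"},
    {"type": "process_create", "image": r"C:\Windows\System32\tasklist.exe",
     "cmdline": "tasklist /v"},
    # A system binary that was never dropped must not trigger the dropped-EXE rule.
    {"type": "process_create", "image": r"C:\Windows\System32\notepad.exe",
     "cmdline": "notepad.exe"},
]

if __name__ == "__main__":
    for sig in evaluate(SAMPLE_TRACE):
        print(sig)
```

Ordering matters: an execution logged before the corresponding write is not "dropped" from the evaluator's point of view, which is why the trace must be fed in chronological order rather than as a bag of events.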