General
-
Target
3488e03d77adbc21c7b2c40c25efad0e8460edc622b39a6f710573555640e902.exe
-
Size
362KB
-
Sample
241120-n1dx2s1kfl
-
MD5
fc148c7ac5b051bff69132510070111c
-
SHA1
907a5f1bedf76caafa4dbe6c44a73f68102c1e99
-
SHA256
3488e03d77adbc21c7b2c40c25efad0e8460edc622b39a6f710573555640e902
-
SHA512
68c2d90f37d2f8976e34e07ff975775d802df70f089352cbebfb2b010a80e3fbc5b307fc00f72faf9cc359f9cf74accb8d5887f7d084bfd52c2696a3ec9881c9
-
SSDEEP
6144:0bUUyKiCMR7q3HhN4ZDYCg2eyd6Jo4vb/noeUDebE8B:0bU1RGRITgs8JPLKDebEg
Static task
static1
Behavioral task
behavioral1
Sample
3488e03d77adbc21c7b2c40c25efad0e8460edc622b39a6f710573555640e902.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3488e03d77adbc21c7b2c40c25efad0e8460edc622b39a6f710573555640e902.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
stealc
default9_cap
http://62.204.41.177
-
url_path
/edd20096ecef326d.php
Targets
-
-
Target
3488e03d77adbc21c7b2c40c25efad0e8460edc622b39a6f710573555640e902.exe
-
Size
362KB
-
MD5
fc148c7ac5b051bff69132510070111c
-
SHA1
907a5f1bedf76caafa4dbe6c44a73f68102c1e99
-
SHA256
3488e03d77adbc21c7b2c40c25efad0e8460edc622b39a6f710573555640e902
-
SHA512
68c2d90f37d2f8976e34e07ff975775d802df70f089352cbebfb2b010a80e3fbc5b307fc00f72faf9cc359f9cf74accb8d5887f7d084bfd52c2696a3ec9881c9
-
SSDEEP
6144:0bUUyKiCMR7q3HhN4ZDYCg2eyd6Jo4vb/noeUDebE8B:0bU1RGRITgs8JPLKDebEg
-
Stealc family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-