General
Target: cred64.dll.exe
Size: 1.2MB
Sample: 241223-gflzlawqas
MD5: d862c12a4467ebae581a8c0cc3ea2211
SHA1: 9e797375b9b4422b2314d3e372628643ccf1c5db
SHA256: 47f8a270b27c18bab9013f4a8f0ee6e877e4050bd4018d682eb502bcfd5bff6d
SHA512: cf6545df4a244bb7dc699a565759f97c759ba19bcc9ad9ad91a20cd07aee19cbe10eb82dd21416b717581b34dc4f24ba6d43a00e7d8018b8be133dbbc9e8113c
SSDEEP: 24576:MO/VvL5QafhQsnoXyaoMferXQ5rnxQBuLv8Y4JKMfUO9l:Z5nfhQzOMoA5rnxHv8PKre
Behavioral task: behavioral1
Sample: cred64.dll
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: cred64.dll
Resource: win10v2004-20241007-en
Malware Config
Extracted
amadey
5.12
d5db2d
http://212.193.31.8
strings_key: 0e18a2a9dd22cd0f87c9fba7075c3b39
url_paths: /3ofn3jf3e2ljk2/index.php
Targets
Target: cred64.dll.exe
Blocklisted process makes network request
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 4
Credentials In Files: 3
Credentials in Registry: 1