General
- Target: a399a293cc3f25f6250ebee65e6e60e818831925769d540354275e9ad87bb5bb.exe
- Size: 418KB
- Sample: 250519-prf7gsfr3s
- MD5: 70569247c1a50277840141ce7ed19d3d
- SHA1: e9a1ece9e9670d58d50fa5db92d99b171398b00f
- SHA256: a399a293cc3f25f6250ebee65e6e60e818831925769d540354275e9ad87bb5bb
- SHA512: de9a0281e43b7aa50c54cfea73304588e91355a3135565ab72d18b70f7e7bdcd8deb322fb0cddc05e34a627d44baa2d9d4374cbc7f0af44cf8b3b52b3b1a2fad
- SSDEEP: 12288:FnvxplpMAX99S4B009MqyQMKNT72HfAD8xE:FvxplpMAtU4Bl9MdQFT72HIoS
Static task: static1
Behavioral task: behavioral1
- Sample: a399a293cc3f25f6250ebee65e6e60e818831925769d540354275e9ad87bb5bb.exe
- Resource: win10v2004-20250502-en
Malware Config
Extracted (C:\Program Files\readme.txt):
- http://3pktcrcbmssvrnwe5skburdwe2h3v6ibdnn5kbjqihsg6eu6s6b7ryqd.onion
- http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion
- http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/news
Targets
- Credentials from Password Stores: Windows Credential Manager (suspicious access to Credentials History)
- Drops startup file
- Drops desktop.ini file(s)
- Sets desktop wallpaper using registry
MITRE ATT&CK Enterprise v16
Credential Access
- Credentials from Password Stores (2)
  - Credentials from Web Browsers (1)
  - Windows Credential Manager (1)
- Unsecured Credentials (1)
  - Credentials In Files (1)