General
Target: Sēt-𝐔𝐏- !ŁAŤєST.7z
Size: 13.6MB
Sample: 250704-xn824adk8v
MD5: 416509d470761075fb21e2035e9607cd
SHA1: b71d19852d2d6b105740adf8c67d7c315dec9136
SHA256: a3d5e253b40cfdb39c025d9b08f036b54436d3637d1b87261a691ee5daf5f83f
SHA512: e87d94ee605fa10a882742971a4874c46951b9bb6810040d9e1010f9d6ad2f56772847634471cef35d09ab428b9cacf9cf251261d841d6dcc4301a72e2ce54a9
SSDEEP: 393216:mbFquLF8RvKwDMWrmjUPnnueFZpY2hJ0a8fb8TmT:RoFgUxU2ypBIaziT

Behavioral task
behavioral1
Sample: Setup.exe
Resource: win10ltsc2021-20250610-en

Malware Config
Extracted: hijackloader
directory: %APPDATA%\shtl
inject_dll: %windir%\SysWOW64\pla.dll

Targets
Target: Setup.exe
Size: 5.0MB
MD5: a6a3eb28af006be9d349760bce376184
SHA1: 359c88593c67793e3447d71e0b2c710fb707f21a
SHA256: b2f713e1bba1fd2d520e5b41f7a9cdc974602117cc4405419576c833681fb844
SHA512: f65d13f5f341e2717e7d5baab5c1899fc3c235a593ac30503a515f7b0005893b4b1eef9a1706b8cee04976bcf1d4854167a1714c5eae4131f2c62794c25c3d28
SSDEEP: 98304:UeA35Slo8NuutsQazvRFn5Aj9Ilb/QdUbRls+GsmfzTSdZbKRySZ:UL35Sy82FzLyj9Ilb/QujKfv+ZkySZ
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext