General
-
Target
ec72a93f6279b16006f2196f330166ee.exe
-
Size
4.9MB
-
Sample
210928-g8cxdsahem
-
MD5
ec72a93f6279b16006f2196f330166ee
-
SHA1
74b4d4a19500d3644a6a4f523ad7d4adcb1ace6f
-
SHA256
4340bc1e1ddb5d268a010401be96435063de733a2601d158d13f56da9f20df5d
-
SHA512
3c0b595d905e8d6f83b82d769415bc257eaf514832575674179720b8486dccd5df24c0ff9a789498f76c388bfc5048fa56c0569d2342277c159262ca58ecf0ad
Static task
static1
Behavioral task
behavioral1
Sample
ec72a93f6279b16006f2196f330166ee.exe
Resource
win7-en-20210920
Malware Config
Targets
Target
ec72a93f6279b16006f2196f330166ee.exe
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.