General
- Target: Security Score.exe
- Size: 6.6MB
- Sample: 240706-3w583azfnf
- MD5: 4a0e18b9311033f3262dbb1d6f952fd4
- SHA1: 3031e311aaaeb79253fc38b293d5fea1dd443636
- SHA256: d3297c81f787e85f89fbd109cc6e8ed2b63ee1f3c0eb81cacf4f79e7d385045c
- SHA512: 893463074ca5b00d47f8b90a6ced2f54488319b1c8fbd38e592a9f269e1a53abdc288c4b09242002b4f34ed96c7424d28a40538865d32051151c2161963ab1df
- SSDEEP: 49152:QIsRjZ2Czf3isUwgsDCL9v3T7EWYA6Cgd3eoCbhBIsXJ+jKAXemaWEFLEZeCRj5D:cBbfMbsGgd3MhL+BDEbCRj1EpaSeMi5
Static task
static1
Malware Config
Extracted
stealc
default
http://94.228.166.20
- url_path: /615ffb09a7b55d61.php
Targets
- Target: Security Score.exe
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext