General
-
Target
50a3cecf553842b316a98bdb9959095a.exe
-
Size
9.6MB
-
Sample
240707-e2hsystdrk
-
MD5
50a3cecf553842b316a98bdb9959095a
-
SHA1
8e9b2d58add086ce61a5e1cdea90d68287165d36
-
SHA256
331513e00a1db6e963222e01ec743259c2218f000ccb6ca46e8141359d778a74
-
SHA512
958ee042188d5f70b4a1880619f20f2182adc1ab5b261e1875d4aeb8f02d42b15e86e867559b1461ec9e24e6f674435e0c95f34f9b6674dbe97ee28207171f66
-
SSDEEP
196608:ggrnAlPlqCzUusqZL5W618cWnbwGgkWHZ60BdUr5a:g0s4qUSZL5W6icIge0w
Static task
static1
Behavioral task
behavioral1
Sample
50a3cecf553842b316a98bdb9959095a.exe
Resource
win7-20240705-en
Malware Config
Extracted
stealc
default
http://139.99.67.238
-
url_path
/9b53fb902ecbf12d.php
Targets
-
-
Target
50a3cecf553842b316a98bdb9959095a.exe
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-