VSCodeUserSetup-x64-1.50.1.exe

General

Target: VSCodeUserSetup-x64-1.50.1.exe
Size: 61MB
Sample: 201120-9tga9c6s22
Score: 8/10
MD5: 49bcaf117095e95a2aa16b37c3533c92
SHA1: a56c59a621812bcd2a07b657e1b21f395250e9bc
SHA256: f9d3dfcdfa13a845ca0dfd0b00cf2577d744f86a81786adca3567f6ea121f758
SHA512: bbf62701f1d7676a2b315a4c52923c4a5d3b85305e63a8f0d853bbf811b3716054044ca7c64b35ec8b15b8193613ec5b470e9d6cc547eb2f0d9f11e99ab5648c

Signatures

  • Executes dropped EXE

  • Checks computer location settings
    Description: Looks up country code configured in the registry, likely geofence.
    TTPs: Query Registry; System Information Discovery

  • Loads dropped DLL

  • Checks installed software on the system
    Description: Looks up Uninstall key entries in the registry to enumerate software on the system.
    TTPs: Query Registry

  • Enumerates connected drives
    Description: Attempts to read the root path of hard drives other than the default C: drive.
    TTPs: Query Registry; Peripheral Device Discovery; System Information Discovery

  • JavaScript code in executable

  • Reads user/profile data of web browsers
    Description: Infostealers often target stored browser data, which can include saved credentials etc.
    TTPs: Data from Local System; Credentials in Files

Related Tasks

MITRE ATT&CK Matrix

  • Command and Control
  • Credential Access
  • Defense Evasion
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation

Tasks

  • static1
  • behavioral1: 8/10
  • behavioral2: 8/10