General
-
Target
561d04cdab555035186aaeeb01e72c21
-
Size
6.6MB
-
Sample
210223-h943tcaxa6
-
MD5
561d04cdab555035186aaeeb01e72c21
-
SHA1
da5e2a7f0d2ba3249375c739ebc4e5bb7537d1aa
-
SHA256
47d4e69644220048b1034fbfe2f4af533c4a43fd17bd4dafc563fd32134ddd36
-
SHA512
95fa8b57cb37d278aafeaf922ebb6388b6bf3fe2612a69ee9525ce8b128597480653a0c786a9e41533947e5e39e849823f8fd6766b88e767923792134d464591
Malware Config
Targets
-
-
Target
561d04cdab555035186aaeeb01e72c21
-
Size
6.6MB
-
MD5
561d04cdab555035186aaeeb01e72c21
-
SHA1
da5e2a7f0d2ba3249375c739ebc4e5bb7537d1aa
-
SHA256
47d4e69644220048b1034fbfe2f4af533c4a43fd17bd4dafc563fd32134ddd36
-
SHA512
95fa8b57cb37d278aafeaf922ebb6388b6bf3fe2612a69ee9525ce8b128597480653a0c786a9e41533947e5e39e849823f8fd6766b88e767923792134d464591
Score7/10-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-