General
-
Target
6af400fc52f5f1f2395de1499fa86287e3585c019b8d756f3fb1fdb91ff07676
-
Size
28.2MB
-
Sample
220512-n74r2sgdhm
-
MD5
4609813532df603934b122d205793403
-
SHA1
1f83b699647e217bdc7387423e1b6c723343337f
-
SHA256
6af400fc52f5f1f2395de1499fa86287e3585c019b8d756f3fb1fdb91ff07676
-
SHA512
3583adaac6943f89bce40f7ef64a6036db27f6b6caf84b5c6e2b53efbbfa1dd69b7e9d9f7aba18792f279226b862eda84c191d71828d091b1eb7b9184add0963
Malware Config
Targets
-
-
Target
6af400fc52f5f1f2395de1499fa86287e3585c019b8d756f3fb1fdb91ff07676
-
Size
28.2MB
-
MD5
4609813532df603934b122d205793403
-
SHA1
1f83b699647e217bdc7387423e1b6c723343337f
-
SHA256
6af400fc52f5f1f2395de1499fa86287e3585c019b8d756f3fb1fdb91ff07676
-
SHA512
3583adaac6943f89bce40f7ef64a6036db27f6b6caf84b5c6e2b53efbbfa1dd69b7e9d9f7aba18792f279226b862eda84c191d71828d091b1eb7b9184add0963
Score7/10-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-