General
-
Target
0119d358d5a716dd829aab8368ad09f4aa4d5ef4cd7a54040f02ba104913508a
-
Size
632KB
-
Sample
220524-bevx8abag5
-
MD5
2b62663842db9f701ad4f41905f85527
-
SHA1
81d5d67c4df0a0bf9f50032e713b4291d3463b4a
-
SHA256
0119d358d5a716dd829aab8368ad09f4aa4d5ef4cd7a54040f02ba104913508a
-
SHA512
0fec57f65127df7d6fc4d968dcffbd4f51dd28c01eeef44d8b83abba8471071e1069fb9edc4efb82246ca48ba8864d9c86473e74015a778f088b29420cd21daf
Malware Config
Targets
-
-
Target
0119d358d5a716dd829aab8368ad09f4aa4d5ef4cd7a54040f02ba104913508a
-
Size
632KB
-
MD5
2b62663842db9f701ad4f41905f85527
-
SHA1
81d5d67c4df0a0bf9f50032e713b4291d3463b4a
-
SHA256
0119d358d5a716dd829aab8368ad09f4aa4d5ef4cd7a54040f02ba104913508a
-
SHA512
0fec57f65127df7d6fc4d968dcffbd4f51dd28c01eeef44d8b83abba8471071e1069fb9edc4efb82246ca48ba8864d9c86473e74015a778f088b29420cd21daf
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-