General
-
Target
02e1385fcb034399568d9f34e70537ef4da29c628a1e0abccdcf57571d69caa0
-
Size
943KB
-
Sample
220528-cwz4yadde3
-
MD5
7d76846dc65ecfc757cc5f8ada1bd60d
-
SHA1
871bf291b91b32f1b3ffadfd7e2c95280310e451
-
SHA256
02e1385fcb034399568d9f34e70537ef4da29c628a1e0abccdcf57571d69caa0
-
SHA512
66d738cfa72b1127c1ec9618977d5059fce7b514869f1de55831972fa2b3ccf3a0d4399ad8e7d7cecc222ae1a886a2ce6b7de80fd8b257c92c10513a2e339634
Malware Config
Targets
-
-
Target
02e1385fcb034399568d9f34e70537ef4da29c628a1e0abccdcf57571d69caa0
-
Size
943KB
-
MD5
7d76846dc65ecfc757cc5f8ada1bd60d
-
SHA1
871bf291b91b32f1b3ffadfd7e2c95280310e451
-
SHA256
02e1385fcb034399568d9f34e70537ef4da29c628a1e0abccdcf57571d69caa0
-
SHA512
66d738cfa72b1127c1ec9618977d5059fce7b514869f1de55831972fa2b3ccf3a0d4399ad8e7d7cecc222ae1a886a2ce6b7de80fd8b257c92c10513a2e339634
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-