General
-
Target
e37d3cf1359d053dfa6827bf2addd2fd96e1cf1f5503bfccbc9aa82d660e0945
-
Size
712KB
-
Sample
221002-lrmsgshha6
-
MD5
670e56884fff11ba8d5bf7df6b145ba0
-
SHA1
8a6df76e13811120b1b2a414da964be2665432ee
-
SHA256
e37d3cf1359d053dfa6827bf2addd2fd96e1cf1f5503bfccbc9aa82d660e0945
-
SHA512
695c3a88c3c207ec72500a9123f702647d786d902e161f9a9b1b609f6553ba827d2ebf329bea9a1ec15c1a05543b35cab6d03c53685b6e6c3f84a1916afca89d
-
SSDEEP
12288:OCdUKpg7KUhF1ARhxnD7bh6w/gXGxnpPGrCujQX1ElJMwvcYV64sUWzJLdLyQl0:pg7KWsJf4trEE/M8sHJLyt
Malware Config
Targets
-
-
Target
e37d3cf1359d053dfa6827bf2addd2fd96e1cf1f5503bfccbc9aa82d660e0945
-
Size
712KB
-
MD5
670e56884fff11ba8d5bf7df6b145ba0
-
SHA1
8a6df76e13811120b1b2a414da964be2665432ee
-
SHA256
e37d3cf1359d053dfa6827bf2addd2fd96e1cf1f5503bfccbc9aa82d660e0945
-
SHA512
695c3a88c3c207ec72500a9123f702647d786d902e161f9a9b1b609f6553ba827d2ebf329bea9a1ec15c1a05543b35cab6d03c53685b6e6c3f84a1916afca89d
-
SSDEEP
12288:OCdUKpg7KUhF1ARhxnD7bh6w/gXGxnpPGrCujQX1ElJMwvcYV64sUWzJLdLyQl0:pg7KWsJf4trEE/M8sHJLyt
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-