General
-
Target
Setup.exe
-
Size
376.7MB
-
Sample
221025-la4dxacbd3
-
MD5
b8172c3364bd5e7d58ee0f7c2fa99a34
-
SHA1
231f3e2f7131b8453d17e0192f7932c29e72796a
-
SHA256
97ef0121223f683536fc0a98f8d52208dfa00b17e0c24189d4bee4e3616fd783
-
SHA512
ecb0bcd9b76d570ab9589bf6afa78df050fb102bad51fc25bddad63dd2b4ba9ca4632661c1e95c99a6ced17c796bd282d4b6f515ecd7d6c8abdfc41372d247fc
-
SSDEEP
196608:Tjin0zmk26GI0gBpcKgkE2GUY1LWb4UiA:Tji0zmk2OHBp9gkE2GDWbwA
Malware Config
Targets
-
-
Target
Setup.exe
-
Size
376.7MB
-
MD5
b8172c3364bd5e7d58ee0f7c2fa99a34
-
SHA1
231f3e2f7131b8453d17e0192f7932c29e72796a
-
SHA256
97ef0121223f683536fc0a98f8d52208dfa00b17e0c24189d4bee4e3616fd783
-
SHA512
ecb0bcd9b76d570ab9589bf6afa78df050fb102bad51fc25bddad63dd2b4ba9ca4632661c1e95c99a6ced17c796bd282d4b6f515ecd7d6c8abdfc41372d247fc
-
SSDEEP
196608:Tjin0zmk26GI0gBpcKgkE2GUY1LWb4UiA:Tji0zmk2OHBp9gkE2GDWbwA
Score8/10-
Downloads MZ/PE file
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-