General
-
Target
a37a5258408b2bcd28a5fccb62939d1d5aeb841b0d67bfd1880cfe17666cb35d
-
Size
404KB
-
Sample
221029-t811fafebn
-
MD5
839c1e421864a090c847647efe36c820
-
SHA1
8b65f5f322e96ce2a9b05edf151bebe901761320
-
SHA256
a37a5258408b2bcd28a5fccb62939d1d5aeb841b0d67bfd1880cfe17666cb35d
-
SHA512
86b22a1ec45d9f96855f296417e655f3686843114868b1882106e94cd055937fff0948c8f1ce236e08792b45550542a690369ae3eb8f002e110823cff522933a
-
SSDEEP
6144:zXC4vgmhbIxs3NBBuXTcYHERV2Qnqj3Zw3jzUaSErCn04VT0o7ObkVqE2JiFjrhl:zXCNi9BokRV2Q0p+4ajrCn0aOYbZhl
Malware Config
Targets
-
-
Target
a37a5258408b2bcd28a5fccb62939d1d5aeb841b0d67bfd1880cfe17666cb35d
-
Size
404KB
-
MD5
839c1e421864a090c847647efe36c820
-
SHA1
8b65f5f322e96ce2a9b05edf151bebe901761320
-
SHA256
a37a5258408b2bcd28a5fccb62939d1d5aeb841b0d67bfd1880cfe17666cb35d
-
SHA512
86b22a1ec45d9f96855f296417e655f3686843114868b1882106e94cd055937fff0948c8f1ce236e08792b45550542a690369ae3eb8f002e110823cff522933a
-
SSDEEP
6144:zXC4vgmhbIxs3NBBuXTcYHERV2Qnqj3Zw3jzUaSErCn04VT0o7ObkVqE2JiFjrhl:zXCNi9BokRV2Q0p+4ajrCn0aOYbZhl
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-