General
-
Target
9447b75af497e5a7f99f1ded1c1d87c53b5b59fce224a325932ad55eef9e0e4a
-
Size
3.4MB
-
Sample
221103-lsehhaghd5
-
MD5
7d95e93228b83980a73ae69e785e2c4b
-
SHA1
8fb5c5d238c89aed025e66877cf4a5f69c4691b6
-
SHA256
fdb5556eddfa281438d3c7ab2542239c05888fe39077f8d1e6824cb6dd47f3e9
-
SHA512
42ce0f4e423dce7e382a760beaa3eb456414d12a053daa9eecf637f967a03eb105a439e4cea4e1f11e00cc8e7209f431e4ba6ecb8b064016c5eab5021332f9f3
-
SSDEEP
98304:PHyyr1w9y5EdxL7Fz0UYwW8Yg0cZDstEIL:/rO9H/Lxz0gUcZIi6
Static task
static1
Behavioral task
behavioral1
Sample
9447b75af497e5a7f99f1ded1c1d87c53b5b59fce224a325932ad55eef9e0e4a.exe
Resource
win7-20220812-en
Malware Config
Targets
-
Target
9447b75af497e5a7f99f1ded1c1d87c53b5b59fce224a325932ad55eef9e0e4a
-
Size
3.5MB
-
MD5
24de00559463ef4103032e24c58ce35d
-
SHA1
d61a4387466a0c999981086c2c994f2a80193ce3
-
SHA256
9447b75af497e5a7f99f1ded1c1d87c53b5b59fce224a325932ad55eef9e0e4a
-
SHA512
c314848a48323f0b8a8728f6aaf5dbbe1e18299fcaf6d6c24057df357b891f40a0f9d2608670ae80ee806a5abca500e22260179ca9e2d87b9378feeb934169f8
-
SSDEEP
98304:QEbtxe9iv3M25is9fzEa0VP9b+jIGz+SBJYS+rm1myI:7t8Iv3n19fQa0995q+SB+ba1mb
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Registers COM server for autorun
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-