General
-
Target
cc5c0affeac86067994bfd1d5cac6a6e784d02797ae8ed27602c2d1ea3428a68
-
Size
446KB
-
Sample
221121-la19jsch48
-
MD5
15547793bc34de9ae3615c96997e9cd0
-
SHA1
ea8e0dcd4b1424771daafdcc0c064077dac16c7c
-
SHA256
cc5c0affeac86067994bfd1d5cac6a6e784d02797ae8ed27602c2d1ea3428a68
-
SHA512
4de7677a6585ebd5366c5e34551afccaa0ce772ce20b80d43b2e61933318f64da1d5ed22c56745e6f0461e23081145fba998fa49111bc1e88874eaa78dcbb491
-
SSDEEP
6144:r3+eQg1erKxsoBZWKBPjKg+N9yIq8iBpr+/ZcmMTFjz3ZfOWCoYE+kNDzNBdPZl+:rOeQ8eOxPZvBO/lq4ZxASjeDzNBd7zW
Malware Config
Targets
-
-
Target
cc5c0affeac86067994bfd1d5cac6a6e784d02797ae8ed27602c2d1ea3428a68
-
Size
446KB
-
MD5
15547793bc34de9ae3615c96997e9cd0
-
SHA1
ea8e0dcd4b1424771daafdcc0c064077dac16c7c
-
SHA256
cc5c0affeac86067994bfd1d5cac6a6e784d02797ae8ed27602c2d1ea3428a68
-
SHA512
4de7677a6585ebd5366c5e34551afccaa0ce772ce20b80d43b2e61933318f64da1d5ed22c56745e6f0461e23081145fba998fa49111bc1e88874eaa78dcbb491
-
SSDEEP
6144:r3+eQg1erKxsoBZWKBPjKg+N9yIq8iBpr+/ZcmMTFjz3ZfOWCoYE+kNDzNBdPZl+:rOeQ8eOxPZvBO/lq4ZxASjeDzNBd7zW
Score10/10-
Modifies visibility of file extensions in Explorer
-
UAC bypass
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Drops file in System32 directory
-