General
-
Target
0c3dfd73120cad98b4e02c48c903b5c3d529cb977fcd1a50889f7f01f7b57726
-
Size
5.7MB
-
Sample
221123-njz4ysha67
-
MD5
2c415314c7861142f74e1639acc1fe05
-
SHA1
cf99d8d4251067e19fa500e85c156c565c5582e5
-
SHA256
0c3dfd73120cad98b4e02c48c903b5c3d529cb977fcd1a50889f7f01f7b57726
-
SHA512
5ebfaebed20f396ecfa63ee3689b4498753bf5da7d990b650e97626a480cc12b0a79dab78e51b078c70a0b448acb52750cd41ea14db109934306e52816679f46
-
SSDEEP
98304:aL+p957/mfkAb0JOyEmi+thHGAa0P9CQOGCfRJ2jlTDZ2l4wdcACdcruV95czZ:G89J/ANzywiJlgQNUJ2BTDYiqcAViVwt
Malware Config
Targets
-
-
Target
0c3dfd73120cad98b4e02c48c903b5c3d529cb977fcd1a50889f7f01f7b57726
-
Size
5.7MB
-
MD5
2c415314c7861142f74e1639acc1fe05
-
SHA1
cf99d8d4251067e19fa500e85c156c565c5582e5
-
SHA256
0c3dfd73120cad98b4e02c48c903b5c3d529cb977fcd1a50889f7f01f7b57726
-
SHA512
5ebfaebed20f396ecfa63ee3689b4498753bf5da7d990b650e97626a480cc12b0a79dab78e51b078c70a0b448acb52750cd41ea14db109934306e52816679f46
-
SSDEEP
98304:aL+p957/mfkAb0JOyEmi+thHGAa0P9CQOGCfRJ2jlTDZ2l4wdcACdcruV95czZ:G89J/ANzywiJlgQNUJ2BTDYiqcAViVwt
Score8/10-
Executes dropped EXE
-
Modifies AppInit DLL entries
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-