General
-
Target
blueline_0024.js
-
Size
16.0MB
-
Sample
221123-zed7gafg2z
-
MD5
a12532ca2dfe9a3dc025923882809e6f
-
SHA1
407f86ac6d207f02825b94bfde931065a71805e0
-
SHA256
39a50e2c78f6cbd02f8d0d78d505ec03febddd89d0ac61bb78a5c667a5f6012e
-
SHA512
7e3d7171e1f91f8451de0d9df9d5e3365deac3f704c88aabecf6f1d7c1d2b98f1ee865e24d3fcc43353c420ae71d6f7e2485cc6bdab9d90056df8bced22c3503
-
SSDEEP
49152:qGm3fzsfjnxVItPYA6OaMkTuHqv7cAo/zu2iMZOoRGmS3QdG4BIh9o5xj36rLjci:R
Static task
static1
Behavioral task
behavioral1
Sample
blueline_0024.js
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
blueline_0024.js
-
Score
8/10
-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-