General
-
Target
fc708c22acda37fb50cea6d603cb794852d8311349970461b178ff66dedccc0b.exe
-
Size
5.2MB
-
Sample
221124-f5eq5sbg98
-
MD5
cbe30f7bff71640a9c3421adb13e5e82
-
SHA1
0fb009f9cc8a82c31f31a78f5ed11bd84cec97b3
-
SHA256
fc708c22acda37fb50cea6d603cb794852d8311349970461b178ff66dedccc0b
-
SHA512
78d01135904927bf8db93801231d7b3ac1f5788af02338d43def15ac183bdebe078d2ff04265a01ce608a79d9535e08778ed332d1c9237d15a64ae59b25b1fe5
-
SSDEEP
98304:09ENOVKAD83t83o4HtaADJIItAte0exO7baEv3JSew4HqetOXfacKq:ZNxY3o4Z0eCWO3oewiKXfJ
Malware Config
Targets
-
-
Target
fc708c22acda37fb50cea6d603cb794852d8311349970461b178ff66dedccc0b.exe
-
Size
5.2MB
-
MD5
cbe30f7bff71640a9c3421adb13e5e82
-
SHA1
0fb009f9cc8a82c31f31a78f5ed11bd84cec97b3
-
SHA256
fc708c22acda37fb50cea6d603cb794852d8311349970461b178ff66dedccc0b
-
SHA512
78d01135904927bf8db93801231d7b3ac1f5788af02338d43def15ac183bdebe078d2ff04265a01ce608a79d9535e08778ed332d1c9237d15a64ae59b25b1fe5
-
SSDEEP
98304:09ENOVKAD83t83o4HtaADJIItAte0exO7baEv3JSew4HqetOXfacKq:ZNxY3o4Z0eCWO3oewiKXfJ
Score10/10-
PrivateLoader
PrivateLoader is a downloader sold as a pay-per-install malware distribution service.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-