General
-
Target
4d2fa3997863a2387f8d903e21dffc1579cec0a33988d06dcaf902b052cbaffb
-
Size
10.9MB
-
Sample
221124-maw59sah91
-
MD5
1e3ee072534cb144a096464897f382b0
-
SHA1
bb28acdcbba578f47a7f10584135f2961581057e
-
SHA256
4d2fa3997863a2387f8d903e21dffc1579cec0a33988d06dcaf902b052cbaffb
-
SHA512
bd8f1701cfdb9c6a9475974902524798924fee0cf7f87ef145d0c8866caeda7c7458567cd1c1cf233bd1c5df186f02f3a3136c7bb007823caf50c79b94635dc5
-
SSDEEP
196608:fMVZLrOom+YLqB58cS9ZhaSB8O6ajv6RxnETQMBAzq81PJBMNU4eDnd:fMVFrOomt05ByOO6D5ET+/1xBMN8J
Malware Config
Targets
-
-
Target
4d2fa3997863a2387f8d903e21dffc1579cec0a33988d06dcaf902b052cbaffb
-
Size
10.9MB
-
MD5
1e3ee072534cb144a096464897f382b0
-
SHA1
bb28acdcbba578f47a7f10584135f2961581057e
-
SHA256
4d2fa3997863a2387f8d903e21dffc1579cec0a33988d06dcaf902b052cbaffb
-
SHA512
bd8f1701cfdb9c6a9475974902524798924fee0cf7f87ef145d0c8866caeda7c7458567cd1c1cf233bd1c5df186f02f3a3136c7bb007823caf50c79b94635dc5
-
SSDEEP
196608:fMVZLrOom+YLqB58cS9ZhaSB8O6ajv6RxnETQMBAzq81PJBMNU4eDnd:fMVFrOomt05ByOO6D5ET+/1xBMN8J
Score9/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Executes dropped EXE
-
Sets file execution options in registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-