General
-
Target
6dac3052db5be6a616d460b8cd0699f5d8b079eb202dcac8c164b6175896c89a
-
Size
11.6MB
-
Sample
221124-n36qvafb6z
-
MD5
d03282e0d0271baca23aa400f8699f35
-
SHA1
9d477583f5ff6cfd800c2dc23767ff876501b855
-
SHA256
6dac3052db5be6a616d460b8cd0699f5d8b079eb202dcac8c164b6175896c89a
-
SHA512
8c095fcee8e64d3018a9058a00a59fe4c30fc99bc8ec3bb482a876eef7bc640acf87361a19ce0b94001620a3d63c390c0ac1c04713b673d596f70c79c22e96d7
-
SSDEEP
196608:qWMqt2wa1UfsyfO3u/zQeYmWf1HCuS9H9fdfE41lKozLXPYfig3HAH1oH/shj8Ov:TMqVa1ULfO3u/CPFI3EufLbg3gefshmQ
Malware Config
Targets
-
-
Target
6dac3052db5be6a616d460b8cd0699f5d8b079eb202dcac8c164b6175896c89a
-
Size
11.6MB
-
MD5
d03282e0d0271baca23aa400f8699f35
-
SHA1
9d477583f5ff6cfd800c2dc23767ff876501b855
-
SHA256
6dac3052db5be6a616d460b8cd0699f5d8b079eb202dcac8c164b6175896c89a
-
SHA512
8c095fcee8e64d3018a9058a00a59fe4c30fc99bc8ec3bb482a876eef7bc640acf87361a19ce0b94001620a3d63c390c0ac1c04713b673d596f70c79c22e96d7
-
SSDEEP
196608:qWMqt2wa1UfsyfO3u/zQeYmWf1HCuS9H9fdfE41lKozLXPYfig3HAH1oH/shj8Ov:TMqVa1ULfO3u/CPFI3EufLbg3gefshmQ
Score9/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Executes dropped EXE
-
Sets file execution options in registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-