General
-
Target
339416af74b8a4ebddb12a75d91e1338583151e9cd3b89e95bd5f53dffa93aac
-
Size
689KB
-
Sample
221125-19qpesea9w
-
MD5
935a7a0a4c48eee8fbcb63610be37d57
-
SHA1
eac0aefd3edb79c19f3e5fc6e50f2f5e4408d767
-
SHA256
339416af74b8a4ebddb12a75d91e1338583151e9cd3b89e95bd5f53dffa93aac
-
SHA512
6ec4c79d13a171aae60939676d4de03f3ffcaf6df82e016effe33b73cd7c506aa84341dbe5e9f1024931f01702eb89fd3104e2d6ff3bcd01140188a6c63a38e4
-
SSDEEP
12288:EbluqziUG4G4Y7jeKuVnvon+N83LwwiAn6KkM33nxD1jeKuVmvFb+N8+Lwwijn6Y:Exu2G4G37tUnvone83Z76bMHxJtUmvFB
Malware Config
Targets
-
-
Target
339416af74b8a4ebddb12a75d91e1338583151e9cd3b89e95bd5f53dffa93aac
-
Size
689KB
-
MD5
935a7a0a4c48eee8fbcb63610be37d57
-
SHA1
eac0aefd3edb79c19f3e5fc6e50f2f5e4408d767
-
SHA256
339416af74b8a4ebddb12a75d91e1338583151e9cd3b89e95bd5f53dffa93aac
-
SHA512
6ec4c79d13a171aae60939676d4de03f3ffcaf6df82e016effe33b73cd7c506aa84341dbe5e9f1024931f01702eb89fd3104e2d6ff3bcd01140188a6c63a38e4
-
SSDEEP
12288:EbluqziUG4G4Y7jeKuVnvon+N83LwwiAn6KkM33nxD1jeKuVmvFb+N8+Lwwijn6Y:Exu2G4G37tUnvone83Z76bMHxJtUmvFB
Score8/10-
Registers COM server for autorun
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-