General
-
Target
a9b896ef2417011f0fd106442c3d3be2ab2684413f73b32ed2b58682190cfda7
-
Size
272KB
-
Sample
221129-dy3taaee6x
-
MD5
093007066e4e611d6c5e75ad4b1e77f3
-
SHA1
d31fee5289f5061f998db31eff1b3faef4be5363
-
SHA256
a9b896ef2417011f0fd106442c3d3be2ab2684413f73b32ed2b58682190cfda7
-
SHA512
d5a152f75b0001caea3ea5eeff9b79c082d3b5b1067aa1742e359a8f3d939176ae4c53239f179c2653d7f2951c8fc5ddc9cb53dc5794f9abf9b4d7d302cba893
-
SSDEEP
6144:oFSiBL1Y1NEYMRkjYLvFtSxOTdgW5FTl3XN+u/YerMoRJahpcM:oFSiBL1Y1NEYMR3vDSxOqW5FxzRJazcM
Malware Config
Targets
-
-
Target
a9b896ef2417011f0fd106442c3d3be2ab2684413f73b32ed2b58682190cfda7
-
Size
272KB
-
MD5
093007066e4e611d6c5e75ad4b1e77f3
-
SHA1
d31fee5289f5061f998db31eff1b3faef4be5363
-
SHA256
a9b896ef2417011f0fd106442c3d3be2ab2684413f73b32ed2b58682190cfda7
-
SHA512
d5a152f75b0001caea3ea5eeff9b79c082d3b5b1067aa1742e359a8f3d939176ae4c53239f179c2653d7f2951c8fc5ddc9cb53dc5794f9abf9b4d7d302cba893
-
SSDEEP
6144:oFSiBL1Y1NEYMRkjYLvFtSxOTdgW5FTl3XN+u/YerMoRJahpcM:oFSiBL1Y1NEYMR3vDSxOqW5FxzRJazcM
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-