General
-
Target
e68dde7932e60d3706bd456bae9dc9411801cd62a777d2bbbaa5ee4ce77bb61c
-
Size
2.4MB
-
Sample
221201-kfd6jaee8y
-
MD5
6bc7b68e7ebdf08caab72aac7428af47
-
SHA1
6db43bbe037844538b1788e434c8f298f87cee68
-
SHA256
e68dde7932e60d3706bd456bae9dc9411801cd62a777d2bbbaa5ee4ce77bb61c
-
SHA512
ae0067fcc730faacf22c0b9e8f61249941d62608a8071e5a283717a273043ad828a8776d561b196bf51eed4eb67b0e5d8e74e5363af39eb99a11008b22dab0fd
-
SSDEEP
49152:ubF3NKMXlpAb25GScHZYjRH81/aQFHFaQyK2jE+kjytOw5UJTvpnqfZ8BezMMo/i:ubF3N1Xla25GSGWjRO/a7QyKQE3yT5IS
Malware Config
Targets
-
-
Target
e68dde7932e60d3706bd456bae9dc9411801cd62a777d2bbbaa5ee4ce77bb61c
-
Size
2.4MB
-
MD5
6bc7b68e7ebdf08caab72aac7428af47
-
SHA1
6db43bbe037844538b1788e434c8f298f87cee68
-
SHA256
e68dde7932e60d3706bd456bae9dc9411801cd62a777d2bbbaa5ee4ce77bb61c
-
SHA512
ae0067fcc730faacf22c0b9e8f61249941d62608a8071e5a283717a273043ad828a8776d561b196bf51eed4eb67b0e5d8e74e5363af39eb99a11008b22dab0fd
-
SSDEEP
49152:ubF3NKMXlpAb25GScHZYjRH81/aQFHFaQyK2jE+kjytOw5UJTvpnqfZ8BezMMo/i:ubF3N1Xla25GSGWjRO/a7QyKQE3yT5IS
Score8/10-
ASPack v2.12-2.42
Detects executables packed with ASPack v2.12-2.42
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-