General
-
Target
installer_Win8_Win11_x64_b57220609d5aa.exe
-
Size
89.3MB
-
Sample
230206-17c1jsbd4y
-
MD5
19cdba7c69e5429a4bb5b18feb66dce4
-
SHA1
5690a7d1a07ae9188b0cc6ec59ba2d81d155bfed
-
SHA256
b054d0bf1f7274938ef0fb0ad8946b6eef2a0f81bd1518de43c61fc32ed88662
-
SHA512
979edb541e1ebd9b26186b1aacb5bd400867f2315e512349289d9dfc1d770b8efbcc066951ad24b457605ba502057723d30e9da51988f677cb2ae7c847c11e18
-
SSDEEP
1572864:wUXfXzK11PZrm7q4o+Ahfo5YcLzb1aWBA+HKf4RamooEvMA/fxlN0+MqJQIxRH2w:wUXfDU1ht4PAhZcXxdW+qf4Ko7w/0+kI
Malware Config
Targets
-
-
Target
installer_Win8_Win11_x64_b57220609d5aa.exe
-
Size
89.3MB
-
MD5
19cdba7c69e5429a4bb5b18feb66dce4
-
SHA1
5690a7d1a07ae9188b0cc6ec59ba2d81d155bfed
-
SHA256
b054d0bf1f7274938ef0fb0ad8946b6eef2a0f81bd1518de43c61fc32ed88662
-
SHA512
979edb541e1ebd9b26186b1aacb5bd400867f2315e512349289d9dfc1d770b8efbcc066951ad24b457605ba502057723d30e9da51988f677cb2ae7c847c11e18
-
SSDEEP
1572864:wUXfXzK11PZrm7q4o+Ahfo5YcLzb1aWBA+HKf4RamooEvMA/fxlN0+MqJQIxRH2w:wUXfDU1ht4PAhZcXxdW+qf4Ko7w/0+kI
Score10/10-
Modifies system executable filetype association
-
Blocklisted process makes network request
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Registers COM server for autorun
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-