General
-
Target
Stremio+4.4.159.exe
-
Size
106.5MB
-
Sample
230319-dsejhagf9x
-
MD5
4457aa00a6ced0c6d3044672842a4822
-
SHA1
1e128ddca0765767f679fb9066c8258f0bf89ee1
-
SHA256
7f0dad4a060c28c468a0050650a682b6f1c51039bd14e2d44883368e47d7e638
-
SHA512
664b136c852c1d408c785e7a8a8e990ad214acce8ab7a6fef1c817c3b37ab172ae71970e114debd4e85b49c4c4b0c7b0c9fced9b8d31a0a1ede6ba73863aa508
-
SSDEEP
3145728:XzdpqKUfzM8/I/OWKkd1TiDlSC61jJTNCO1JT7:DdoK18w2Wl7TOlSxXNCO197
Malware Config
Targets
-
-
Target
Stremio+4.4.159.exe
-
Size
106.5MB
-
MD5
4457aa00a6ced0c6d3044672842a4822
-
SHA1
1e128ddca0765767f679fb9066c8258f0bf89ee1
-
SHA256
7f0dad4a060c28c468a0050650a682b6f1c51039bd14e2d44883368e47d7e638
-
SHA512
664b136c852c1d408c785e7a8a8e990ad214acce8ab7a6fef1c817c3b37ab172ae71970e114debd4e85b49c4c4b0c7b0c9fced9b8d31a0a1ede6ba73863aa508
-
SSDEEP
3145728:XzdpqKUfzM8/I/OWKkd1TiDlSC61jJTNCO1JT7:DdoK18w2Wl7TOlSxXNCO197
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-