General
-
Target
ccsetup610_pro_trial.exe
-
Size
51.4MB
-
Sample
230405-q4cv9sfa85
-
MD5
018bb8581be952817f0764eea8e47d8b
-
SHA1
3cf7fdb1ea7e525fad755c1557f10f016e16399f
-
SHA256
c313119701c422a0c2f407afee3bbf4e5873aab40b0edad82114a266e70fbb59
-
SHA512
6a4129796041833e6391c8a70157542f591cc61ba881a668779429d9e738b88a8648a0e62c6e0f10d3fcd7238f73d30df8c7b8c05c4be354ea5eaa483516016e
-
SSDEEP
1572864:fXa3QR9TUKGAqcudtTkpttagIc56qFVKtdgZ:fq3QR9dRqv3TyEEnCdgZ
Malware Config
Targets
-
-
Target
ccsetup610_pro_trial.exe
-
Size
51.4MB
-
MD5
018bb8581be952817f0764eea8e47d8b
-
SHA1
3cf7fdb1ea7e525fad755c1557f10f016e16399f
-
SHA256
c313119701c422a0c2f407afee3bbf4e5873aab40b0edad82114a266e70fbb59
-
SHA512
6a4129796041833e6391c8a70157542f591cc61ba881a668779429d9e738b88a8648a0e62c6e0f10d3fcd7238f73d30df8c7b8c05c4be354ea5eaa483516016e
-
SSDEEP
1572864:fXa3QR9TUKGAqcudtTkpttagIc56qFVKtdgZ:fq3QR9dRqv3TyEEnCdgZ
Score8/10-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-