General
Target: bsco-4v4t4r.exe
Size: 1.6MB
Sample: 230419-c2ep7afg82
MD5: db783ed83c2357004d528cc826d1b515
SHA1: 9b6ae234188c987c3676ac32da8bc767412fe185
SHA256: 6186f849cc6b7a97b0efdd6f3c4df94446d1a748cdbd4797735beccb49e89679
SHA512: 40a89295643afe7cfe5b93b7c0b0f6ef3f3d7f8f1466b49369f11fd6e9a34e5275b284aa7fd1fa68b5e2c45876000a7aee061d247a2f5db454a71de462e9d53f
SSDEEP: 24576:Si2Q9NXw2/wPOjdGxY2rqkqjVnlqud+/2P+A+ZecdyFoBkkAnexMrdgL3:lTq24GjdGSiqkqXfd+/9AqYanieKd
Behavioral task
behavioral1
Sample: bsco-4v4t4r.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
stealerium
https://discord.com/api/webhooks/1098036117200175144/QONlbgzWDW_w-dZGaGf-vOIUWvyIkIZrXwHvngI6dJk8z-wPJrU1jiWkXpXPK2uR0gUt
Targets
Target: bsco-4v4t4r.exe
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Accesses Microsoft Outlook profiles

Legitimate hosting services abused for malware hosting/C2

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.