General
-
Target
[Official]_Fotor_secure_installer_4.5.8_x64.exe
-
Size
18.3MB
-
Sample
230423-ehjwxaah23
-
MD5
1ba6aff61c12c90005f26b4ba72d0c1b
-
SHA1
253930a0a9ffa460e738d44aa3d9bebe6f41dd29
-
SHA256
47ebfccf674b07b81df6379104ef8b9a31be66f597c4084446a92ff536756375
-
SHA512
c2a1530c99d601abc3c6564efa76614e7b585e4fb9a7c5afc5b1d1f969777febf5cd658f864439a3ac64ec33b405f5959e77272c1a22e68cff0ee5abaf3e6953
-
SSDEEP
393216:jvuLuJEn4A/lh2pugC4iEifhBFCmM+hfHg4Z6wBMPIF:KCq4YQpuggfhbNbhfrZF
Malware Config
Targets
-
-
Target
[Official]_Fotor_secure_installer_4.5.8_x64.exe
-
Size
18.3MB
-
MD5
1ba6aff61c12c90005f26b4ba72d0c1b
-
SHA1
253930a0a9ffa460e738d44aa3d9bebe6f41dd29
-
SHA256
47ebfccf674b07b81df6379104ef8b9a31be66f597c4084446a92ff536756375
-
SHA512
c2a1530c99d601abc3c6564efa76614e7b585e4fb9a7c5afc5b1d1f969777febf5cd658f864439a3ac64ec33b405f5959e77272c1a22e68cff0ee5abaf3e6953
-
SSDEEP
393216:jvuLuJEn4A/lh2pugC4iEifhBFCmM+hfHg4Z6wBMPIF:KCq4YQpuggfhbNbhfrZF
Score7/10-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-