General
-
Target
main.exe
-
Size
14.7MB
-
Sample
230504-ax12hsbc7y
-
MD5
e509d7d094e6da9c05b9ec11d2d98965
-
SHA1
3385046a2d26ccf5f7f3f3a73eebead8acf8b32d
-
SHA256
7de67373e0023ad38353f0f05c942e5d2d72dd44bf8d6ddc29ece310514639b6
-
SHA512
5d6e99327fca142bdd47d818b0c921c2ba655c862bc665607c5a5527c068a315d53a9f72451083cbc0cbcd06e1295c612a690411388fb7fd906b4fb3046ba648
-
SSDEEP
196608:eI/lOqPnih8FXj+hETCgeB0sKYu/PaQgKDnO8NpHzgsAGKJrl/RZtG7Ef5tqlKWM:UqPnLFCKTsQpDOETgs6r/GI76KNedwk
Malware Config
Targets
-
-
Target
main.exe
-
Size
14.7MB
-
MD5
e509d7d094e6da9c05b9ec11d2d98965
-
SHA1
3385046a2d26ccf5f7f3f3a73eebead8acf8b32d
-
SHA256
7de67373e0023ad38353f0f05c942e5d2d72dd44bf8d6ddc29ece310514639b6
-
SHA512
5d6e99327fca142bdd47d818b0c921c2ba655c862bc665607c5a5527c068a315d53a9f72451083cbc0cbcd06e1295c612a690411388fb7fd906b4fb3046ba648
-
SSDEEP
196608:eI/lOqPnih8FXj+hETCgeB0sKYu/PaQgKDnO8NpHzgsAGKJrl/RZtG7Ef5tqlKWM:UqPnLFCKTsQpDOETgs6r/GI76KNedwk
Score7/10-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-