General
-
Target
ab142f5dba2c3dac90f8303c44e74970bb42792ae7ff480426b9c1893cacf9ed.bin
-
Size
123KB
-
Sample
230505-xkswpsfc86
-
MD5
c50a968d1c6351e9e087a56b1e5a1acd
-
SHA1
d9c4742a26bf41c5009f2e56f53ae9fab931a5b1
-
SHA256
ab142f5dba2c3dac90f8303c44e74970bb42792ae7ff480426b9c1893cacf9ed
-
SHA512
a98ff57f8246de2a0f9293559e5a4d34853a22bd0c85237d6662ecb81356c6466164e7f61345bbb1b31ed09ff61cb464732c5af8bb674601a3ebb6c703d009b7
-
SSDEEP
3072:wlrwbVaNHJLRnXsJynTQkQhYXzKexgUxTEe8ELcfffffffffU1:6sBaNp1synTQkQhYXzxSUBB9cffffffc
Malware Config
Targets
-
-
Target
ab142f5dba2c3dac90f8303c44e74970bb42792ae7ff480426b9c1893cacf9ed.bin
-
Size
123KB
-
MD5
c50a968d1c6351e9e087a56b1e5a1acd
-
SHA1
d9c4742a26bf41c5009f2e56f53ae9fab931a5b1
-
SHA256
ab142f5dba2c3dac90f8303c44e74970bb42792ae7ff480426b9c1893cacf9ed
-
SHA512
a98ff57f8246de2a0f9293559e5a4d34853a22bd0c85237d6662ecb81356c6466164e7f61345bbb1b31ed09ff61cb464732c5af8bb674601a3ebb6c703d009b7
-
SSDEEP
3072:wlrwbVaNHJLRnXsJynTQkQhYXzKexgUxTEe8ELcfffffffffU1:6sBaNp1synTQkQhYXzxSUBB9cffffffc
Score9/10-
Modifies boot configuration data using bcdedit
-
Stops running service(s)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-