General
-
Target
48211c6f957c2ad024441be3fc32aecd7c317dfc92523b0a675c0cfec86ffdd9
-
Size
8.5MB
-
Sample
230518-q4sxgsbf63
-
MD5
b48eb1e7e377f6e7356e9fb62c94ca46
-
SHA1
b07b9f0a199ad4f859efd13fe50aecc154353bee
-
SHA256
48211c6f957c2ad024441be3fc32aecd7c317dfc92523b0a675c0cfec86ffdd9
-
SHA512
36daa626ee29451069385cfa949cbbd649e2e4008e57ef35de958e9d62067506b8de2dbe4df816a80fc4fb43ad61b3681ed24ca5434a26f84bea729a559fa586
-
SSDEEP
98304:/IAOnqfjWvGRCbRwpo6xJgye1pNiFQ4rPaAmGDyF7b97vUg:/IAmttgHgyePNiFQ0PIay9b9Ug
Malware Config
Targets
-
-
Target
48211c6f957c2ad024441be3fc32aecd7c317dfc92523b0a675c0cfec86ffdd9
-
Size
8.5MB
-
MD5
b48eb1e7e377f6e7356e9fb62c94ca46
-
SHA1
b07b9f0a199ad4f859efd13fe50aecc154353bee
-
SHA256
48211c6f957c2ad024441be3fc32aecd7c317dfc92523b0a675c0cfec86ffdd9
-
SHA512
36daa626ee29451069385cfa949cbbd649e2e4008e57ef35de958e9d62067506b8de2dbe4df816a80fc4fb43ad61b3681ed24ca5434a26f84bea729a559fa586
-
SSDEEP
98304:/IAOnqfjWvGRCbRwpo6xJgye1pNiFQ4rPaAmGDyF7b97vUg:/IAmttgHgyePNiFQ0PIay9b9Ug
Score10/10-
PrivateLoader
PrivateLoader is a downloader sold as a pay-per-install malware distribution service.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-