General
-
Target
File BeamNG.Drive.v0.28.1.zip.torrent ...exe
-
Size
161KB
-
Sample
230610-kehsbsed39
-
MD5
52cbfed702193577bcbc61e20b0b4b2c
-
SHA1
58864539ed09f78b392017138722ffa6d7d62f89
-
SHA256
20e1aabfaad727ba939133691a7c0ab34401f1c973e2611d8585ef1699670dff
-
SHA512
6ab5399f42ba6cb6733f21f96962cbbe02c34fd0e98f4c49c30711f2d7cec516e0956fc1490e2bd4a800a208419e7afc002f69d4cf4907af7417eb511ea0d09f
-
SSDEEP
1536:C1l0rjO6FA2Y133UiTC3EZQ43kMo4GNxrq7JjM8zPxJ80:Im3O6FAKV3EZQ4HL7J4ExJZ
Malware Config
Targets
-
-
Target
File BeamNG.Drive.v0.28.1.zip.torrent ...exe
-
Size
161KB
-
MD5
52cbfed702193577bcbc61e20b0b4b2c
-
SHA1
58864539ed09f78b392017138722ffa6d7d62f89
-
SHA256
20e1aabfaad727ba939133691a7c0ab34401f1c973e2611d8585ef1699670dff
-
SHA512
6ab5399f42ba6cb6733f21f96962cbbe02c34fd0e98f4c49c30711f2d7cec516e0956fc1490e2bd4a800a208419e7afc002f69d4cf4907af7417eb511ea0d09f
-
SSDEEP
1536:C1l0rjO6FA2Y133UiTC3EZQ43kMo4GNxrq7JjM8zPxJ80:Im3O6FAKV3EZQ4HL7J4ExJZ
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops Chrome extension
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-