General
Target: download (3).jpeg
Size: 9KB
Sample: 230614-sj2p1aaf6t
MD5: fcac59a418fdafc033532f77c3630391
SHA1: c19330111aa58a5b64fa317ada53a5195c7ac9ea
SHA256: c850041932bc07716d98ce794462d1132bd617921b6fbd8f136f3c11cda794df
SHA512: ba118fe982892e4d18842e8b399fd495ad2d4203f47b901ef6d761d574c19ec9cef48070be8ea9363eda99f4168bee47ebbfa80c02c76933310269fee7c03ddb
SSDEEP: 192:QzyQGEO0llr+pz9XyTsvcDWQF4AIhnwhnqpnbz5/dQQ2NBJzyWxCVV:QzyQGEO0llrcXepDW/bhnKqpbzxdQQ0I
Static task: static1
Behavioral task: behavioral1
Sample: download (3).jpg
Resource: win7-20230220-en
Malware Config
Targets
Target: download (3).jpeg
- Contacts a large (566) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.