General
-
Target
easy_Malicious_1d52646c7ff8353206c8adae181c264968603e051384b7007bc8472b0a1ecf5a.exe
-
Size
1.6MB
-
Sample
230704-r58j1aea85
-
MD5
a7d3e428e1c28e7d34de27a6c1f9746d
-
SHA1
df524899a335dc772d665e58838ecf19b372bd04
-
SHA256
f8cdc2240f930d68fb53f4dbac1b6ce9a3ed99ae47beeeab38675254c41e0cb7
-
SHA512
7960528db8f00636741025352493ed6b15af26f94ab34f765b051b4ad7989dd4f79c71b1e20668e7792ffcb6805d6cd07a52be3cc763e7ca0c5492c8b3a76ba9
-
SSDEEP
24576:oW7Kh7swsET1jWDtpaA/lFvyvKxMW4JtA8M0bdhHzuz8Fek2B58ftwy3OTGdQE4R:V7M7ZljEt00lFvn4Jt5KJpDitw29QZ
Static task
static1
Behavioral task
behavioral1
Sample
easy_Malicious_1d52646c7ff8353206c8adae181c264968603e051384b7007bc8472b0a1ecf5a.exe
Resource
win7-20230703-en
Behavioral task
behavioral2
Sample
easy_Malicious_1d52646c7ff8353206c8adae181c264968603e051384b7007bc8472b0a1ecf5a.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
easy_Malicious_1d52646c7ff8353206c8adae181c264968603e051384b7007bc8472b0a1ecf5a.exe
-
Score
7/10
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-