General
-
Target
1196c0ab10592a87191900cafe69b19e6c44f16252236d9290d5b63747876b4d.com
-
Size
7.8MB
-
Sample
230707-n2d97sgf92
-
MD5
5ade6e0edac7caf4c1913d717009f954
-
SHA1
6b871b4522ab28435635aeb316b47254c4e20ea7
-
SHA256
1196c0ab10592a87191900cafe69b19e6c44f16252236d9290d5b63747876b4d
-
SHA512
0faabab8ce759201baeb1861be0218fe8e8ae37799b965175916ddec60fd71befcddfadd39e5e7009c455b2dc5be7e9d9a905b2623d15431644bf388a364fd54
-
SSDEEP
196608:MLwWibT/9eHLz3wIs1zdmLYHSEzOq9WVHUuAG:GibTl03fs1JMYyqOqE
Malware Config
Targets
-
-
Target
1196c0ab10592a87191900cafe69b19e6c44f16252236d9290d5b63747876b4d.com
-
Size
7.8MB
-
MD5
5ade6e0edac7caf4c1913d717009f954
-
SHA1
6b871b4522ab28435635aeb316b47254c4e20ea7
-
SHA256
1196c0ab10592a87191900cafe69b19e6c44f16252236d9290d5b63747876b4d
-
SHA512
0faabab8ce759201baeb1861be0218fe8e8ae37799b965175916ddec60fd71befcddfadd39e5e7009c455b2dc5be7e9d9a905b2623d15431644bf388a364fd54
-
SSDEEP
196608:MLwWibT/9eHLz3wIs1zdmLYHSEzOq9WVHUuAG:GibTl03fs1JMYyqOqE
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-