General
-
Target
5276bd65b141ce_JC.exe
-
Size
792KB
-
Sample
230716-jewthsdh8w
-
MD5
5276bd65b141cef9e6c76660495adabd
-
SHA1
a8710c6f178e52d421d045b828f7edd89ee4d694
-
SHA256
4190288a4f39445c4ce4c5082fed2525fa763eecca5c1f1814c48198a20b1b96
-
SHA512
6b52839dbc7006d99a53300407b1e930adc530455c1c68ed64d66d973d6b06545807dc0730639ad89964d6a5b341a0e97d0a5b92c6954c8637faab59cc55a4d3
-
SSDEEP
24576:66h9VX7s4xZ4XgpJArz1kuSFOTJxWDaX8QVL+rEG0:62rxr4XaQzyoPtF+rA
Malware Config
Targets
-
-
Target
5276bd65b141ce_JC.exe
-
Size
792KB
-
MD5
5276bd65b141cef9e6c76660495adabd
-
SHA1
a8710c6f178e52d421d045b828f7edd89ee4d694
-
SHA256
4190288a4f39445c4ce4c5082fed2525fa763eecca5c1f1814c48198a20b1b96
-
SHA512
6b52839dbc7006d99a53300407b1e930adc530455c1c68ed64d66d973d6b06545807dc0730639ad89964d6a5b341a0e97d0a5b92c6954c8637faab59cc55a4d3
-
SSDEEP
24576:66h9VX7s4xZ4XgpJArz1kuSFOTJxWDaX8QVL+rEG0:62rxr4XaQzyoPtF+rA
Score10/10-
Modifies visibility of file extensions in Explorer
-
UAC bypass
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-