Resubmissions
10-08-2023 13:02
230810-p92wxach32 8
General
-
Target
24bd790bc9427021121ec0e318db93369c2d893e40309f7083f178d3a5819161
-
Size
419KB
-
Sample
230810-p92wxach32
-
MD5
d811a57bc0e8b86b449277f9ffb50cc9
-
SHA1
cdab34eea2dfd5e96412e34c0b3eb090a9661377
-
SHA256
24bd790bc9427021121ec0e318db93369c2d893e40309f7083f178d3a5819161
-
SHA512
5b569f0cebdc006125ac37ee0e333a22a35189214b5c2ab05671e7c307936c1d121a9afd7c48ce5283435c755d82110ce70adffd4e20570c3d4f4680962a7dfa
-
SSDEEP
12288:ZvtSEEuEE3EEMEEzEE5EEOEEmEEAEE2EE6EE3EERhXz+MbfR1nYm4BJ1B4ywtT5m:Zvtk
Static task
static1
Behavioral task
behavioral1
Sample
24bd790bc9427021121ec0e318db93369c2d893e40309f7083f178d3a5819161.exe
Resource
win7-20230712-en
Malware Config
Targets
Target
24bd790bc9427021121ec0e318db93369c2d893e40309f7083f178d3a5819161
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-