General
Target: PixelSee_id279225id.exe.7z
Size: 1.8MB
Sample: 230830-xtjdmahc8x
MD5: c99d2beb45d8f9c90a45bc3f83b7635d
SHA1: 1cf685cf5307f64c59a4516a4185e4006043ea39
SHA256: ad442078160747a2d1fad5e8977e97c7f69ba13fb7d0a3dbe376ef7e05816941
SHA512: bf30eb1c14409057086839da08686dd43c6d196796afa041cb6855c37c4cde30cf34c8ada378ae5368f0601fb8936ebd87aa2306238b97ea80e77b5eeea9bc1f
SSDEEP: 24576:IlEf0dqxeNtbIVSAKqs7TngE8Uy/YblWRdDB4XQykvNIr8+aSLLk0xJ5H8QJaeF4:ydqoNtb8cV7zO9ylU4XMIA+aR03i6
Static task: static1
Behavioral task: behavioral1
Sample: PixelSee_id279225id.exe
Resource: win7-20230712-en
Malware Config
Targets
Target: PixelSee_id279225id.exe
Size: 3.2MB
MD5: 60849a8ff219be4bec52709173984455
SHA1: 655f2a35efe59837b287d9b02c0c723f09a73a8b
SHA256: b2a96537b627cc5f7ed63b4b9491b9ea15b08c88dfdd5aeb7a00d903dd4d0176
SHA512: f6642be72c323d148ef1590ad1f341759f645af8cf537a4b1cea363768f412f8b4f0a7becd9f362c6442df706c0fbcb5b43824a299969a8e5704c436dfa5d19d
SSDEEP: 49152:OYmOcTD7x4cPKESEzLU0Ava6yQdpM8nGWmIHa03okleDhojwVuaGfJb:eXx7Plvv1/QI8GWm03okl4E5
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks for any installed AV software in registry
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-