General
-
Target
Datos y actuaciones.exe
-
Size
461KB
-
Sample
230918-reh7eshg4y
-
MD5
59f5cb722e8f2ab00b06aec54c22e965
-
SHA1
e7c09b0cb79c9094c1619aae22acf27cc5029044
-
SHA256
5cb54293ba5cf461f2a5dd557dcf1526f1609e31759c77b293e36cb815599169
-
SHA512
c38aa959d2979b2302a5b9861cb6f5fa643214c6a0f5b4fdf4eb06bf76b4391c5a5ddc7d0b7f672721332cf5f35b9a373414a577bda09ffb75338c36fffa1bc9
-
SSDEEP
6144:FF4NsCOU0oFrRXKZ7pnylvuE+9kQbxyfjiCIsIABG3wIHdDqNtNq:FmNsCO3eRXKJpn+QVyfjiCI9Dy
Malware Config
Targets
-
-
Target
Datos y actuaciones.exe
-
Size
461KB
-
MD5
59f5cb722e8f2ab00b06aec54c22e965
-
SHA1
e7c09b0cb79c9094c1619aae22acf27cc5029044
-
SHA256
5cb54293ba5cf461f2a5dd557dcf1526f1609e31759c77b293e36cb815599169
-
SHA512
c38aa959d2979b2302a5b9861cb6f5fa643214c6a0f5b4fdf4eb06bf76b4391c5a5ddc7d0b7f672721332cf5f35b9a373414a577bda09ffb75338c36fffa1bc9
-
SSDEEP
6144:FF4NsCOU0oFrRXKZ7pnylvuE+9kQbxyfjiCIsIABG3wIHdDqNtNq:FmNsCO3eRXKJpn+QVyfjiCI9Dy
Score8/10-
Blocklisted process makes network request
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of SetThreadContext
-