General
-
Target
17df160c29a16532e06178a469ca7d42bb01f4369b6bb2efe1e0ba9b0817831b
-
Size
4.5MB
-
Sample
231002-rn4jqadb28
-
MD5
11d65a246eded66388d8930f2ee1ddbf
-
SHA1
99174d37730731b8af5d074af6b637709659a36b
-
SHA256
17df160c29a16532e06178a469ca7d42bb01f4369b6bb2efe1e0ba9b0817831b
-
SHA512
998239b7cb89bc1a4e3dba94ebd03bd39062092fff55db37d510bca3539400910877205f69754a0de930332bcd423a6eb915b1a4fe8c0862691650ebc0124754
-
SSDEEP
98304:P9xEpja9gwFK2JcwtM8PC1DKdzOJDb4v+:spVQC1WwN0v+
Malware Config
Targets
-
-
Target
17df160c29a16532e06178a469ca7d42bb01f4369b6bb2efe1e0ba9b0817831b
-
Size
4.5MB
-
MD5
11d65a246eded66388d8930f2ee1ddbf
-
SHA1
99174d37730731b8af5d074af6b637709659a36b
-
SHA256
17df160c29a16532e06178a469ca7d42bb01f4369b6bb2efe1e0ba9b0817831b
-
SHA512
998239b7cb89bc1a4e3dba94ebd03bd39062092fff55db37d510bca3539400910877205f69754a0de930332bcd423a6eb915b1a4fe8c0862691650ebc0124754
-
SSDEEP
98304:P9xEpja9gwFK2JcwtM8PC1DKdzOJDb4v+:spVQC1WwN0v+
Score8/10-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-