General
-
Target
7769529d3fcd7549815d5f61eff6c22d344c1e4eb5298109bea5b770c16b811c
-
Size
7.2MB
-
Sample
231028-ztkmssde7s
-
MD5
8ba860e2d327960b7599e28db0832039
-
SHA1
7d9a298f9a6f097f8cf73c2885401c9b084c7a18
-
SHA256
7769529d3fcd7549815d5f61eff6c22d344c1e4eb5298109bea5b770c16b811c
-
SHA512
e74a6903fb60bb1b8a946dfb60fd9a545654aab8b38a747db556e5aa2da0a213532fc813d13b2474843828c7c0a8060f92dcb5466070092242aed1eeb6d1166b
-
SSDEEP
196608:91OErBiKUw4uRQSxqO+kepejqGPFfrBr+S5V8nQ5FF+K66:3OmBiFwXCSM1MjvPFfVr+S5q4yI
Malware Config
Targets
-
-
Target
7769529d3fcd7549815d5f61eff6c22d344c1e4eb5298109bea5b770c16b811c
-
Size
7.2MB
-
MD5
8ba860e2d327960b7599e28db0832039
-
SHA1
7d9a298f9a6f097f8cf73c2885401c9b084c7a18
-
SHA256
7769529d3fcd7549815d5f61eff6c22d344c1e4eb5298109bea5b770c16b811c
-
SHA512
e74a6903fb60bb1b8a946dfb60fd9a545654aab8b38a747db556e5aa2da0a213532fc813d13b2474843828c7c0a8060f92dcb5466070092242aed1eeb6d1166b
-
SSDEEP
196608:91OErBiKUw4uRQSxqO+kepejqGPFfrBr+S5V8nQ5FF+K66:3OmBiFwXCSM1MjvPFfVr+S5q4yI
Score8/10-
Blocklisted process makes network request
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-