General
-
Target
5ef0ca9b4964b47f8f35d8f5a0962205
-
Size
461KB
-
Sample
231226-j5c44ahcd7
-
MD5
5ef0ca9b4964b47f8f35d8f5a0962205
-
SHA1
36f63841f739f30396d885d803640123b4418d15
-
SHA256
75e4bb364f3c00e3a6f6f976af8c6d1ff7ee40017466bd20502e154691442275
-
SHA512
0a02065bc3daf85b5bce72aabcc4aaa01702cbc42bd13cae1b8a8edcc4282fd7bd9071b4f558378cfada4f6ad58007d178d93608516f242913fbbe92cf9bd65f
-
SSDEEP
12288:KstKi/CYqICxr0BnVIPm1/rF/UhoNieeAssK7sl:zKi/CXICx0+m1B/eoNiee
Malware Config
Targets
-
-
Target
5ef0ca9b4964b47f8f35d8f5a0962205
-
Size
461KB
-
MD5
5ef0ca9b4964b47f8f35d8f5a0962205
-
SHA1
36f63841f739f30396d885d803640123b4418d15
-
SHA256
75e4bb364f3c00e3a6f6f976af8c6d1ff7ee40017466bd20502e154691442275
-
SHA512
0a02065bc3daf85b5bce72aabcc4aaa01702cbc42bd13cae1b8a8edcc4282fd7bd9071b4f558378cfada4f6ad58007d178d93608516f242913fbbe92cf9bd65f
-
SSDEEP
12288:KstKi/CYqICxr0BnVIPm1/rF/UhoNieeAssK7sl:zKi/CXICx0+m1B/eoNiee
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-