General
-
Target
21d079aa9bda4ae3ff3431972ecdc42d
-
Size
192KB
-
Sample
231231-avwzsafddl
-
MD5
21d079aa9bda4ae3ff3431972ecdc42d
-
SHA1
ff0e6958867dd8e1b2a6d0895ba5499f5b73ea9d
-
SHA256
e50377cc84a475e2c96ce78b0308260ddceb0203358a051a04a9f3a02f9a2cfd
-
SHA512
b681ada294d657d7f289132aea7932f6bcd978881f3ba2ff2653f6d1aafb52c85717884c0c07257a705def5f8944beb87ac33074d25eeafb961c60cfd5613586
-
SSDEEP
3072:N2m2obrFXkRG4feavmHE9UgKmIcPG+KD4fMxbjeWTZcPeSxqL9R0s+O:QE3FXkrfGgkcrfMxbjnIxqL/5
Static task
static1
Behavioral task
behavioral1
Sample
21d079aa9bda4ae3ff3431972ecdc42d.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
21d079aa9bda4ae3ff3431972ecdc42d.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
21d079aa9bda4ae3ff3431972ecdc42d
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-