General
-
Target
7abe7c256b201aad3a1799095cff962a
-
Size
301KB
-
Sample
240127-t5jxrahgbn
-
MD5
7abe7c256b201aad3a1799095cff962a
-
SHA1
6fbf656b5dab1d679d321480bdae35672ea0ac09
-
SHA256
f10eb53b43bf54729604c26ad4241dc2147d75b5e62fbaa6472fc08a7cdb8942
-
SHA512
f1fcf087b597f2598fb12f9ceabd0b094a0487a64a3f8cfb4ea54557342159dc46da5ea4234a2f32d9dc5a97fdebad4aeaeea5794fc03ec4accb332ab6c096be
-
SSDEEP
3072:uzW+DiC9iLo+GnHD5GWp1icKAArDZz4N9GhbkrNEk1dhsL251ItjUI6yXDgiJ5YT:JKwLo7Bp0yN90QEYRQUI6yEiJIEx5t
Malware Config
Targets
-
-
Target
7abe7c256b201aad3a1799095cff962a
-
Size
301KB
-
MD5
7abe7c256b201aad3a1799095cff962a
-
SHA1
6fbf656b5dab1d679d321480bdae35672ea0ac09
-
SHA256
f10eb53b43bf54729604c26ad4241dc2147d75b5e62fbaa6472fc08a7cdb8942
-
SHA512
f1fcf087b597f2598fb12f9ceabd0b094a0487a64a3f8cfb4ea54557342159dc46da5ea4234a2f32d9dc5a97fdebad4aeaeea5794fc03ec4accb332ab6c096be
-
SSDEEP
3072:uzW+DiC9iLo+GnHD5GWp1icKAArDZz4N9GhbkrNEk1dhsL251ItjUI6yXDgiJ5YT:JKwLo7Bp0yN90QEYRQUI6yEiJIEx5t
Score8/10-
Stops running service(s)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1