General
-
Target
7da17447aa53664eb97d79f6d2e9b347
-
Size
465KB
-
Sample
240128-wgb84sgefq
-
MD5
7da17447aa53664eb97d79f6d2e9b347
-
SHA1
cb5f9ae6c9171329d09116ff35da22ebc31834bf
-
SHA256
51c3539744206c0d8966f552e10c59c7ffa8111d8c0b8e9632d14f9639365b29
-
SHA512
b0fb6f7979158c01e46cc99954df86546d98328bbd5371d5edad9adf98559ba5a6b15f8a1e33250e14c6cf732445ff3e32cf87a1c1b0b52a1023043aed5f719f
-
SSDEEP
12288:w6CdhXRsu7SXAYuifOAq4TEaGixSQlnqGpgvf+35pYWefRLmAbPzNA:ShXRsumXAzAXEhixSgnqGpg3+M95lLzi
Malware Config
Targets
-
-
Target
7da17447aa53664eb97d79f6d2e9b347
-
Size
465KB
-
MD5
7da17447aa53664eb97d79f6d2e9b347
-
SHA1
cb5f9ae6c9171329d09116ff35da22ebc31834bf
-
SHA256
51c3539744206c0d8966f552e10c59c7ffa8111d8c0b8e9632d14f9639365b29
-
SHA512
b0fb6f7979158c01e46cc99954df86546d98328bbd5371d5edad9adf98559ba5a6b15f8a1e33250e14c6cf732445ff3e32cf87a1c1b0b52a1023043aed5f719f
-
SSDEEP
12288:w6CdhXRsu7SXAYuifOAq4TEaGixSQlnqGpgvf+35pYWefRLmAbPzNA:ShXRsumXAzAXEhixSgnqGpg3+M95lLzi
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-