General
-
Target
46690e78db85daefd68ece8c6f33e961.bin
-
Size
1.6MB
-
Sample
240213-cckj5sab65
-
MD5
46690e78db85daefd68ece8c6f33e961
-
SHA1
e1e38baf2c7c83cf7e685a83199342c520652669
-
SHA256
17291a5235d0d22d58b8481e6651f8f2cfb45598ddd994440972e3be6cc98ce9
-
SHA512
5d6ef26234b0c35f7bd534f2bba4f0a66a434142f8e2d8c7b2207c6fa0f3e99bbb25e67c9dfb9d085a5fb9a28c9df22c57af8be78e2d041294beef91f37c6884
-
SSDEEP
49152:EkTq24GjdGSiqkqXfd+/9AqYanieKdsm:E1EjdGSiqkqXf0FLYW
Behavioral task
behavioral1
Sample
46690e78db85daefd68ece8c6f33e961.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
46690e78db85daefd68ece8c6f33e961.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
stealerium
https://discord.com/api/webhooks/1204924850506829834/j07dZl8IkPnJpyrDKz3avi_-wWdpdre6hrC1esgBraytV3ESJH8oredpgBWiw6ZfPPf3
Targets
-
-
Target
46690e78db85daefd68ece8c6f33e961.bin
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Accesses Microsoft Outlook profiles
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-