General
-
Target
pvz igruha.7z
-
Size
154.0MB
-
Sample
240218-n82n3shg5s
-
MD5
247dd2cd6432211aeb37ddc3c70a94d5
-
SHA1
80b2552981cb6b791e8e0e69c1a0c8fc4e184df0
-
SHA256
6497b4926c3435ea355a89f03eea6e70fea7c8919b71968ed8a1f5ef5ee10666
-
SHA512
caee37d7f9ed1dfcfa0622bbad7f8d7557f1045941f195b4bf127c23523bb65f2c87cf631c2ed6b65850b0bbcd259dc684c7ad9dc8afcd4b97fd8a1360f6f369
-
SSDEEP
3145728:wJ1TaZQy5rAKWE/IN9iyhQXfrsuAzZ1HdcuGjvXDwCAwq98E7eRN7rFzXXm:wJ4ZQypAKN/fWUsuAndcupCFqsRN7rdG
Malware Config
Targets
-
-
Target
Plants vs. Zombies/Setup.exe
-
Size
2.2MB
-
MD5
ac97d64fa4b3aad63e9bb3526a41a586
-
SHA1
6532d22cc4a9fd08c1bdcae143560350c305908d
-
SHA256
1c1fccae68adf49272c51f94d1e6519bea2fa9e785c337c8d1569618d2dae75a
-
SHA512
c503b42fb1db0e53f23cff282a4e52bdf3dd1ce55da7860d27ec0cfa6849e331f582a376e0e35b46ca30a30c87af4c1c814a76b92c18aefa3e0b1c5fd95c65a4
-
SSDEEP
49152:mmPA/oUp6cgI9vnmplj4NhWNZXvHo94GBBy0T1O723kYO:LIgu6PIcd4N8jv24x0poEkYO
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
-
-
Target
Plants vs. Zombies/data0.bin
-
Size
151.9MB
-
MD5
1acc1197fd31edd0d001dcb61bb6e280
-
SHA1
a9780f7ebadd99433217b29226fc04335d1dc7de
-
SHA256
db0338600c36fd47cdd751048eaed426a81d612b272b74bfb7f79e0d7be88472
-
SHA512
f71d1c2ba7b7b6cca5e8e85374748deb0130dc3e4316ddc4add42093e2e41a804b3f37c3dbf07ce15746971a115d35ba9ea3ba4d6a5cc4fd780e5765f3d3f626
-
SSDEEP
3145728:VrVaAymtelAIyv0OfI8oz1uHO4tfhnpFruuSBMzSP4zcnY9WFlUlUJEVL9x:VrfymtQAIo0I6V4tf5ruuK4YnlUlUJmD
Score3/10 -