General

  • Target

    driver_booster_setup.exe

  • Size

    28.2MB

  • Sample

    240222-2p62caga8t

  • MD5

    e0dbebe7e36a4d243550ff1bdbd704f3

  • SHA1

    f48825c9516a0d54f06d3d137baaf2822bf966e0

  • SHA256

    064fabff0d4742fdd06d64c85faae3381d772ac51d88432f8c0584581aa0a387

  • SHA512

    4e2fd38e14d68286bd2e96059b5b38ec2b9ae67e68ef8da3c83b5de23e1cd88824572cf13968e3fc1b2f5f85e3268e1ce7a09d2be41480a8dff77f180c236a12

  • SSDEEP

    786432:3Nuh9ibNGONiUaeN8jo5NyXR7RMFWYFCFVeT:3Nuho1JaNk5iRlSNkFVeT

Malware Config

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks for any installed AV software in registry

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks