epsilon | 8c062466c926e7f56a06ae3f92dd6a39dbb6a6fbb75e1b038399a0b1e720d4cd

General

Target

WindowsBootManager.exe
Size

70.8MB
Sample

240223-1ptwcahf38
MD5

5d18b97c37e13a926121ad3280a275ad
SHA1

c77f453cb0baffe809162564d69876c200c980d0
SHA256

8c062466c926e7f56a06ae3f92dd6a39dbb6a6fbb75e1b038399a0b1e720d4cd
SHA512

7b12fc41f295cdedbb8438d544afdd7801b22689a6b32576ec51cc428f59a122db54604d2dbede09287f5648e1261e4259804e6340aa46abebab0c7a0b85aac2
SSDEEP

1572864:PejOS3+OyXEUH3UVXAgneMGXXA/T1eBZGURkmiXgMH:PkwEVVEnHMT1eNre7H

Score

10^/10

Malware Config

Targets

- Target
  
  WindowsBootManager.exe
- Size
  
  70.8MB
- MD5
  
  5d18b97c37e13a926121ad3280a275ad
- SHA1
  
  c77f453cb0baffe809162564d69876c200c980d0
- SHA256
  
  8c062466c926e7f56a06ae3f92dd6a39dbb6a6fbb75e1b038399a0b1e720d4cd
- SHA512
  
  7b12fc41f295cdedbb8438d544afdd7801b22689a6b32576ec51cc428f59a122db54604d2dbede09287f5648e1261e4259804e6340aa46abebab0c7a0b85aac2
- SSDEEP
  
  1572864:PejOS3+OyXEUH3UVXAgneMGXXA/T1eBZGURkmiXgMH:PkwEVVEnHMT1eNre7H
Score

10^/10

epsilon spyware stealer
- Epsilon Stealer
  Information stealer.
  stealer epsilon
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  WindowsBootManager.exe
- Size
  
  168.6MB
- MD5
  
  2c11c9fd2618f52433766e7601fc0ab6
- SHA1
  
  5431178570a6040912ec7486fbb677b8c423c6f5
- SHA256
  
  b29714d2a978638b6ce17ec1c16f8344e46379c93f1e88225bc962419b9d1c04
- SHA512
  
  b0a66392aff2f7eb8d019cb9d7c210a9fa76090985eb35d2cb032c44f345705720f6cb1889eff3aa3c2a3b9587f26bfbfc3d247e7a6229ef1882ee0890e95e89
- SSDEEP
  
  1572864:sXic4qb6IXgDaJfpEQHgelkLK4z34xGWw0TwW1T/qWhehZvmCtS3JPfyzG49FndX:yVKvWZ8tyx4u
Score

10^/10

epsilon spyware stealer
- Epsilon Stealer
  Information stealer.
  stealer epsilon
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Drops file in System32 directory
behavioral3 behavioral4