General
-
Target
760d7dff5d9a98e5623e9057ef75856cc5d769b88a75b393c7df59dd72efe012
-
Size
146.6MB
-
Sample
240229-cj55esbb64
-
MD5
5d7a0b9a87f5ecc3c80a2233f5def99e
-
SHA1
313de1a1f17a633daa6005a09e06336509cfce2b
-
SHA256
760d7dff5d9a98e5623e9057ef75856cc5d769b88a75b393c7df59dd72efe012
-
SHA512
d2ba78e075474f914d4a3243ae5507c6708f62120a2e4e47ee60465466332451a5bbc8d7080f23f730c2b12e82b0d0c6000ffe3316fab72207528c5d585ede0c
-
SSDEEP
786432:tCszwLb4v1SoNjWPNLd1pQshPQLnXni9vyM/52nyMh8saO:tJwPU1JNSPtyLXi9vOn6C
Malware Config
Targets
-
-
Target
760d7dff5d9a98e5623e9057ef75856cc5d769b88a75b393c7df59dd72efe012
-
Size
146.6MB
-
MD5
5d7a0b9a87f5ecc3c80a2233f5def99e
-
SHA1
313de1a1f17a633daa6005a09e06336509cfce2b
-
SHA256
760d7dff5d9a98e5623e9057ef75856cc5d769b88a75b393c7df59dd72efe012
-
SHA512
d2ba78e075474f914d4a3243ae5507c6708f62120a2e4e47ee60465466332451a5bbc8d7080f23f730c2b12e82b0d0c6000ffe3316fab72207528c5d585ede0c
-
SSDEEP
786432:tCszwLb4v1SoNjWPNLd1pQshPQLnXni9vyM/52nyMh8saO:tJwPU1JNSPtyLXi9vOn6C
Score7/10-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-