General
- Target: imthebiggestsexhaver.exe
- Size: 16.3MB
- Sample: 240303-x3wejsfd86
- MD5: 6b08a0f6d0cb752836546cc4920bc711
- SHA1: 5444ce8178a75cf42c5fdde3ff57ca17d92fd252
- SHA256: 891624714cb9e8ecc8a71ab2651568a544202bf0aacdc52d897c8222e86cfc55
- SHA512: e2a455627a336be639d6eebca68b80552510ee9381e70820dc6ee6d2e85d49d4ae9bafa3448783e78a7bd3e2b6e5a7b58fee3be35e0b5d510b04587bfa9e5484
- SSDEEP: 393216:oEkZQTwpSNPG7NmiZoPL2Vmd6mKVBkGCwwtKb0x:ohQUpoKEA+yVmdU3+NAb0
Behavioral task: behavioral1
- Sample: imthebiggestsexhaver.exe
- Resource: win7-20240221-en
Malware Config
Targets
- Target: imthebiggestsexhaver.exe
- Drops startup file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.