General
-
Target
334cb3510571ddfd80be916a9ba63fa9ef773979367b738fea25b2c7883e063d
-
Size
1.2MB
-
Sample
240308-w8yanadh28
-
MD5
dcff5072760545a1e0996f23e9bdd52e
-
SHA1
89a191e942a8b8ec905847b0a3baf2ad7750b9ca
-
SHA256
334cb3510571ddfd80be916a9ba63fa9ef773979367b738fea25b2c7883e063d
-
SHA512
3d5916bc148a82b5b4f88320c0c253feb7f0ace4a3847f3da1a622c6753a1fae8be3bedc9909de8169e347ca3f7df3fe82482e74152f830cfb524600e766e833
-
SSDEEP
24576:861E+ziRzFasTs9FruCP4eS4HWmUuiFIJRzoJ2uoRvn3+5amwYFj:51KN0iAuCP4VgWq8Iuod3+5JnV
Static task
static1
Behavioral task
behavioral1
Sample
334cb3510571ddfd80be916a9ba63fa9ef773979367b738fea25b2c7883e063d.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
334cb3510571ddfd80be916a9ba63fa9ef773979367b738fea25b2c7883e063d.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
334cb3510571ddfd80be916a9ba63fa9ef773979367b738fea25b2c7883e063d
Score
9/10
-
Detects executables containing possible sandbox analysis VM usernames
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-