General
-
Target
setup谷歌_1045325_332156.msi.7z
-
Size
4.3MB
-
Sample
240319-lm2qvagd94
-
MD5
1fcd64659fe7b83ad0472d8e6b2d59e8
-
SHA1
bb885e38354d2fe06e4b38beb7d9cbb07c9a8ace
-
SHA256
22b77cc3c53f6185683662af9ea7037d7fd09f5b6bee0a657b46633f5bdf79f0
-
SHA512
c6cb499eefa08f36bf7fc91ed2958bd1e40520858412d5665ba29382d6af04b35711b07206d6bf3097988424d08c396514be0399ca5e6ed52ef6ad310a66ac09
-
SSDEEP
98304:ZkSgvPbkFmq4kWhcV+FEXal+7wv58VAdPWvmxFGMAYPvFEw2o:yowq4EQFVl+7weVAdWvUFnAItx
Malware Config
Targets
-
-
Target
setupè°·æ_1045325_332156.msi
-
Size
5.0MB
-
MD5
8ed25cb4f9afcc7ba264f28557c566c8
-
SHA1
0092e577e8bd2995f942d353bb947802b9ef761c
-
SHA256
f40ea447318612d0cd6b920eb944cbd2b03e72bba43a037c2945fa907fd0d5be
-
SHA512
8719c8a45b5b74556b8dbae1e07e42035b729446f3a3e73a012abc5f342e07bc0a0dfa8c5424bf35f05e0b5ad9fc38750622c6cc43717f4777731c299b0a0c40
-
SSDEEP
98304:FkbUBBag3dcp7JHWSQn6b1+zCmDdT9+aShXYkkkPr2F6+l:FkwyXHV4nzCIChIk/PSl
Score8/10-
Modifies RDP port number used by Windows
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Modifies Installed Components in the registry
-
Sets file execution options in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-