General
-
Target
6e225d905ed90d36ba455e93f914d4a89621146b9cdf51b946d4e6af89c1119c
-
Size
183KB
-
Sample
240405-2lvtxaed2s
-
MD5
79365529405034410992b32b0010c66b
-
SHA1
391d37e0baabb39e3d639c1cfec0960f730f8c1c
-
SHA256
6e225d905ed90d36ba455e93f914d4a89621146b9cdf51b946d4e6af89c1119c
-
SHA512
9bf51077e0d7d5936fa3ac41c1bef3b48fbf96e446d99b9ed6be214703b54644d0ed349d71bdb8c02ed623ab9f24352f39c393831490f4c26489e240800ca39e
-
SSDEEP
3072:0ljbLl/gvQoutmn+vuKsxPqp7rWFCr5F07Ant5l+Zt4nRl:SjluQoSEPYXWFE5FMOPlMSRl
Malware Config
Targets
-
-
Target
6e225d905ed90d36ba455e93f914d4a89621146b9cdf51b946d4e6af89c1119c
-
Size
183KB
-
MD5
79365529405034410992b32b0010c66b
-
SHA1
391d37e0baabb39e3d639c1cfec0960f730f8c1c
-
SHA256
6e225d905ed90d36ba455e93f914d4a89621146b9cdf51b946d4e6af89c1119c
-
SHA512
9bf51077e0d7d5936fa3ac41c1bef3b48fbf96e446d99b9ed6be214703b54644d0ed349d71bdb8c02ed623ab9f24352f39c393831490f4c26489e240800ca39e
-
SSDEEP
3072:0ljbLl/gvQoutmn+vuKsxPqp7rWFCr5F07Ant5l+Zt4nRl:SjluQoSEPYXWFE5FMOPlMSRl
Score9/10-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-