General

  • Target

    CyberLink_PowerDirector_Downloader2.exe

  • Size

    1.1MB

  • Sample

    240407-v8236saa7w

  • MD5

    ab65dc7ec3cfe8d47fa84b3c3d1bb0f8

  • SHA1

    a12ea0e619c1af2651f9071df0871fb15291e1b2

  • SHA256

    fef1d8eccc7dae76fc6765dbb7d1f0bc7c18a59baccae1cf473e69cf78c7d242

  • SHA512

    20607369a91510ae33bc5fa108ddbc2ff5984482bcbd4c6c8a3b3205cd927b69f2651b5599489e7d763f7ef3da36136580516ca1f40286035cfd4a365faf8fa3

  • SSDEEP

    24576:WaRWANXsSe0NqV4wTGlFIxw3/Qz5XsTHpQj4coCYHb0YLXQ2:RXfNqiwc/QztsTHGUcophv

Score
7/10

Targets

    • Target

      CyberLink_PowerDirector_Downloader2.exe

    • Size

      1.1MB

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
