General
-
Target
b8f70ef6aaa0978edbd807986717ab9c
-
Size
186KB
-
Sample
240409-3almjahc74
-
MD5
b8f70ef6aaa0978edbd807986717ab9c
-
SHA1
ceb99aceb55b3190f2872602331df4dcd07abc52
-
SHA256
f632980e16caca28269eba1e32bd29300ce52dc7969744758de3d279eaa3605f
-
SHA512
55ffebb18265653e6ae6fc68d53f57bf134e1a26b9908ae8b37963f1168c6172a181f61fe97f2015cbc8b7e6e1ae7de13ee5d94848b0cad48a419820d8ffed2e
-
SSDEEP
3072:gjbLl/gvQoutp1Tj4mYWR/RO/6W5H6gWIK+/MRzZfHbw/hftz7utwo7UGwsvU:gjluQoS3Io5RW6W5fMN9Hs/hftHkoGwj
Behavioral task
behavioral1
Sample
b8f70ef6aaa0978edbd807986717ab9c.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
b8f70ef6aaa0978edbd807986717ab9c.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
b8f70ef6aaa0978edbd807986717ab9c
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-