General
-
Target
fad2e8293cf38eec695b1b5c012e187999bd94fbcad91d8f110605a9709c31b3
-
Size
8.2MB
-
Sample
240410-sfsypafc9x
-
MD5
bafdcdfdac4e0d5a835c1048af2a3815
-
SHA1
8ed85a4739ab5945ee21e05947eb204ef04bcc02
-
SHA256
fad2e8293cf38eec695b1b5c012e187999bd94fbcad91d8f110605a9709c31b3
-
SHA512
cebd84cc2763126fb041bfb2bde31447c3bc09af08bbd6087bbc7640d7a64a5edc158916db639f590e74439eb7b9e057bf70b98d74aff8f27c2c2ffc7e69a743
-
SSDEEP
196608:oPGZKb8E61MymPXM+MnOLEntvs+qfR4NQU/qsnZuv7:Jo61Vq6nOgteYQU/1uj
Malware Config
Targets
-
-
Target
fad2e8293cf38eec695b1b5c012e187999bd94fbcad91d8f110605a9709c31b3
-
Size
8.2MB
-
MD5
bafdcdfdac4e0d5a835c1048af2a3815
-
SHA1
8ed85a4739ab5945ee21e05947eb204ef04bcc02
-
SHA256
fad2e8293cf38eec695b1b5c012e187999bd94fbcad91d8f110605a9709c31b3
-
SHA512
cebd84cc2763126fb041bfb2bde31447c3bc09af08bbd6087bbc7640d7a64a5edc158916db639f590e74439eb7b9e057bf70b98d74aff8f27c2c2ffc7e69a743
-
SSDEEP
196608:oPGZKb8E61MymPXM+MnOLEntvs+qfR4NQU/qsnZuv7:Jo61Vq6nOgteYQU/1uj
Score10/10-
Babadeda
Babadeda is a crypter delivered as a legitimate installer and used to drop other malware families.
-
Babadeda Crypter
-
OutSteel
OutSteel is a file uploader and document stealer written in AutoIT.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-