General
-
Target
7bb9abd594c3f086a8bde699b91065e4c46d6a22c9f656880d33db6c9169747e
-
Size
1.4MB
-
Sample
240428-rqqewaaa5y
-
MD5
537728337b0fd50423c012abfcfb43d5
-
SHA1
a9fefabe95a853ee22405605d175ee0b30bf1efb
-
SHA256
7bb9abd594c3f086a8bde699b91065e4c46d6a22c9f656880d33db6c9169747e
-
SHA512
7e56b43cfa2175a076b03a6671944476833fdd0516b3de78d17c9145d2060f1a5cc35a8aedc12a416e2987d44e1b98d034538c458eaebe86281e58ac8eb8dadc
-
SSDEEP
24576:IIvKiHgnhSC0badP0QiPYnSFELlFFx0A4cAhPSNfL1JD/tbOFmHYrEH74N:zKiAsadP0QiPzEz0AVISNT1JtMyc
Malware Config
Targets
-
-
Target
7bb9abd594c3f086a8bde699b91065e4c46d6a22c9f656880d33db6c9169747e
-
Size
1.4MB
-
MD5
537728337b0fd50423c012abfcfb43d5
-
SHA1
a9fefabe95a853ee22405605d175ee0b30bf1efb
-
SHA256
7bb9abd594c3f086a8bde699b91065e4c46d6a22c9f656880d33db6c9169747e
-
SHA512
7e56b43cfa2175a076b03a6671944476833fdd0516b3de78d17c9145d2060f1a5cc35a8aedc12a416e2987d44e1b98d034538c458eaebe86281e58ac8eb8dadc
-
SSDEEP
24576:IIvKiHgnhSC0badP0QiPYnSFELlFFx0A4cAhPSNfL1JD/tbOFmHYrEH74N:zKiAsadP0QiPzEz0AVISNT1JtMyc
Score8/10-
Modifies Installed Components in the registry
-
Sets file execution options in registry
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Registers COM server for autorun
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-