General
-
Target
2984b78e25db9a3a83202c4d9105b6e1402c62a6e1b17042bee4eda21f81d236
-
Size
1.1MB
-
Sample
240503-ylyn1sea5w
-
MD5
c85caf48726755de385ede5aaabb8a1f
-
SHA1
95906025dc7a950f7963dfeb29d302c936e34c63
-
SHA256
2984b78e25db9a3a83202c4d9105b6e1402c62a6e1b17042bee4eda21f81d236
-
SHA512
807ccabdd5485010cfef39ecdec729bef18869ad048c122011089ae3aff6307875289fe010b50644069f0b6faf8d23b1ae4d3ac9119ec956be7e6d231738759c
-
SSDEEP
24576:lq8nPNzvx1HWY8C4ZdWduAeXHkZmYucih6rgz/gem7m/OPS:3RxxWdTZdxTXE1ucigssemmOa
Malware Config
Targets
-
-
Target
2984b78e25db9a3a83202c4d9105b6e1402c62a6e1b17042bee4eda21f81d236
-
Size
1.1MB
-
MD5
c85caf48726755de385ede5aaabb8a1f
-
SHA1
95906025dc7a950f7963dfeb29d302c936e34c63
-
SHA256
2984b78e25db9a3a83202c4d9105b6e1402c62a6e1b17042bee4eda21f81d236
-
SHA512
807ccabdd5485010cfef39ecdec729bef18869ad048c122011089ae3aff6307875289fe010b50644069f0b6faf8d23b1ae4d3ac9119ec956be7e6d231738759c
-
SSDEEP
24576:lq8nPNzvx1HWY8C4ZdWduAeXHkZmYucih6rgz/gem7m/OPS:3RxxWdTZdxTXE1ucigssemmOa
Score9/10-
Detects executables containing possible sandbox analysis VM usernames
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-