General
-
Target
9e90c9dc82361bdd4398f8516320f664371d7b040ed39da4a36b269f73c8c28d
-
Size
1.3MB
-
Sample
240505-cxqlwsfb54
-
MD5
bddfc1c8dbd2c4c220fbe40cafd0ddb6
-
SHA1
7840d05d1ff92bb28e93ff9d6358e4a5e94c1429
-
SHA256
9e90c9dc82361bdd4398f8516320f664371d7b040ed39da4a36b269f73c8c28d
-
SHA512
f917932840a0f386020bb9d986a6cc13753775881b92b04b94ee0bbf39242046c89a7492e6c99dd1f23960b566f21cbad823f999ea97b2537264e168371b238f
-
SSDEEP
24576:bSLrRUz7Om5pyc05RARLzOoa44xgj0ZO4R6z8sL4C068+kV/44wCrFfjKMdq:bVOGq5R+oFuk5VH/ljKOq
Behavioral task
behavioral1
Sample
9e90c9dc82361bdd4398f8516320f664371d7b040ed39da4a36b269f73c8c28d.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
9e90c9dc82361bdd4398f8516320f664371d7b040ed39da4a36b269f73c8c28d.exe
Resource
win10v2004-20240419-en
Malware Config
Targets
-
-
Target
9e90c9dc82361bdd4398f8516320f664371d7b040ed39da4a36b269f73c8c28d
-
Score
9/10
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-