General
-
Target
974582ebb056cc8c7b7c15496ef15eb7bd5438357f6e1af6b14e8c28fcec1248
-
Size
872KB
-
Sample
240506-3kvcesgd9x
-
MD5
6f89cacc914ae95685fd718c6d9658cf
-
SHA1
dfea94b5fd009f4dd31daab57aa808aad406299c
-
SHA256
974582ebb056cc8c7b7c15496ef15eb7bd5438357f6e1af6b14e8c28fcec1248
-
SHA512
abb968648bc0c02511c3cb18e80a8db8fbfec585d6589606ee681e2dbbf3245f943ddfe3d5786bf6b5dd0ed3f7c2ebc92e765be3b39ec3a68edef375dffb8cf2
-
SSDEEP
12288:/n8yN0Mr8ZU6aVs7IypwXK4Qzh+jMlWCEh/ShkWqdcYGhqfy:vPuZUzIfpwiz0wy/yqdWhqfy
Malware Config
Targets
-
-
Target
974582ebb056cc8c7b7c15496ef15eb7bd5438357f6e1af6b14e8c28fcec1248
-
Size
872KB
-
MD5
6f89cacc914ae95685fd718c6d9658cf
-
SHA1
dfea94b5fd009f4dd31daab57aa808aad406299c
-
SHA256
974582ebb056cc8c7b7c15496ef15eb7bd5438357f6e1af6b14e8c28fcec1248
-
SHA512
abb968648bc0c02511c3cb18e80a8db8fbfec585d6589606ee681e2dbbf3245f943ddfe3d5786bf6b5dd0ed3f7c2ebc92e765be3b39ec3a68edef375dffb8cf2
-
SSDEEP
12288:/n8yN0Mr8ZU6aVs7IypwXK4Qzh+jMlWCEh/ShkWqdcYGhqfy:vPuZUzIfpwiz0wy/yqdWhqfy
Score9/10-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-