General
-
Target
eulen.exe
-
Size
21.5MB
-
Sample
240508-s56ababg6s
-
MD5
f18ea93ab407108f54c0f34d59d9db3f
-
SHA1
510c650c04a59e7a6810a75185627ca15baff540
-
SHA256
df5d2dfcc051d700355cb08f9c2f1e055a5ecacdf889d6531844e321794470bd
-
SHA512
d6856614b2564af16a471b5a5b99b9a857542e092e804d96cf23dde911cb7ab15018cee0a5db773878d18d88d5b56c210a226bfadc54cb9d5e3e2b1ec72b59c8
-
SSDEEP
393216:XqPnLFXlMcGOLcDqRcyK9Qu8nAB3Q0Gx3gt1CQJ6ZBYgGf7TduHJ:aPLFXaQLcDqR5K9Q3kAv6CtHqf7Qp
Malware Config
Targets
-
-
Target
eulen.exe
-
Size
21.5MB
-
MD5
f18ea93ab407108f54c0f34d59d9db3f
-
SHA1
510c650c04a59e7a6810a75185627ca15baff540
-
SHA256
df5d2dfcc051d700355cb08f9c2f1e055a5ecacdf889d6531844e321794470bd
-
SHA512
d6856614b2564af16a471b5a5b99b9a857542e092e804d96cf23dde911cb7ab15018cee0a5db773878d18d88d5b56c210a226bfadc54cb9d5e3e2b1ec72b59c8
-
SSDEEP
393216:XqPnLFXlMcGOLcDqRcyK9Qu8nAB3Q0Gx3gt1CQJ6ZBYgGf7TduHJ:aPLFXaQLcDqR5K9Q3kAv6CtHqf7Qp
Score7/10-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-