General

  • Target

    9fd197b7402285ed2a75dac9a5ce3ef499a58342fd0dcefe1c40443a12bc6832

  • Size

    8.5MB

  • Sample

    240508-v5tbvsfc51

  • MD5

    4f060c5c6813e269f01e6cba1d3ac4cd

  • SHA1

    4f0a1831d4d8c09f46e8f5fbe8b17b024daa6eee

  • SHA256

    9fd197b7402285ed2a75dac9a5ce3ef499a58342fd0dcefe1c40443a12bc6832

  • SHA512

    3722e77ce62156ccb09344719ce01c71e9f0c033bfc18ab829eaec1a103d5fe41b7aaa20c698db0e9fae652e25d1bb5d7cc6cd2cd80cd966583845244758c42c

  • SSDEEP

    196608:Ky7GRjBXeIXf5a9onJ5hrZERjyiU8AdZYJERMEzsDyrTVV/:FuBnv5a9c5hlERbAdZYy+0trR

Targets

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
