General
Target: monkemodmanager.exe
Size: 21.1MB
Sample: 240525-sfp7ssha33
MD5: ca45e66fe0b99a074ea63ddb078baaf2
SHA1: 5a54342b46c9b49fc8fe416096e50bf4261fa163
SHA256: 3b8b68f11b2146d11b3fbfb0c57e6a46af7d96885d3fccf54604202584489b07
SHA512: 4a1138969ec2618d92030f01a89c3dc25407cf143c9777a415aeabcd579a6addae28b161a5640c1d7d1a87ab32eec5fcb68aa4f548d5d26a44233bac28f9a8e2
SSDEEP: 393216:TEkZQtss27xhjJWQsUcR4NzQW+eGQRg93iObIhRS/tuLGrqT6oHd85Tv/:ThQtsZjYQFIW+e5R49MhRZqePy5T
Malware Config
Targets
Target: monkemodmanager.exe
- Drops startup file
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.