General
-
Target
MadLoading.exe
-
Size
18.5MB
-
Sample
240525-tr1cksag29
-
MD5
f44248e40873c6142eae7f2f52ae2ccd
-
SHA1
ab935b74b41024b6d3e66025e92dfd65d24b49e2
-
SHA256
153a0c462bd1676c89557fa97af2dec4c8259a97f8d6bf08661b7aa3d22904ed
-
SHA512
56820f995a3980ab6e2816f5e5c9defbc3d1419936f0d6297dbd46700ca21092241f9797f37ad6a61ef8b69d21e35d1811b19186d7c46311054349222dd165cb
-
SSDEEP
393216:YqPnLFXlrHQ8DOETgs77fGFZgYs3D7vEZsbB2Ulq:JPLFXNHQhE7k70gA2D
Malware Config
Targets
-
-
Target
MadLoading.exe
-
Size
18.5MB
-
MD5
f44248e40873c6142eae7f2f52ae2ccd
-
SHA1
ab935b74b41024b6d3e66025e92dfd65d24b49e2
-
SHA256
153a0c462bd1676c89557fa97af2dec4c8259a97f8d6bf08661b7aa3d22904ed
-
SHA512
56820f995a3980ab6e2816f5e5c9defbc3d1419936f0d6297dbd46700ca21092241f9797f37ad6a61ef8b69d21e35d1811b19186d7c46311054349222dd165cb
-
SSDEEP
393216:YqPnLFXlrHQ8DOETgs77fGFZgYs3D7vEZsbB2Ulq:JPLFXNHQhE7k70gA2D
Score7/10-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-