General
-
Target
main.exe
-
Size
18.5MB
-
Sample
240526-xd58fsfh7y
-
MD5
a0de97b7ae211dfdb60ef89de713a313
-
SHA1
cf9e5e0cbdf4d8aa0d05f4de4a963eb88e8ffb2d
-
SHA256
03ea942d499379cd63c4899de660b745dac8ac56003f7824e6517b8590ed1f01
-
SHA512
6099749d1f418764b9d2073a36ac2f8ecdae9e4451ec200a45757082709a4e2c3d5abfbdf5a325e9be1553b5b114527627a5cd2e65b64eb0aa4b237d9a8bad8c
-
SSDEEP
393216:aqPnLFXlrPrQ8DOETgs77fGqgUvvEVCR0NfkPq:vPLFXNjQhE7rX0cKr
Malware Config
Targets
-
-
Target
main.exe
-
Size
18.5MB
-
MD5
a0de97b7ae211dfdb60ef89de713a313
-
SHA1
cf9e5e0cbdf4d8aa0d05f4de4a963eb88e8ffb2d
-
SHA256
03ea942d499379cd63c4899de660b745dac8ac56003f7824e6517b8590ed1f01
-
SHA512
6099749d1f418764b9d2073a36ac2f8ecdae9e4451ec200a45757082709a4e2c3d5abfbdf5a325e9be1553b5b114527627a5cd2e65b64eb0aa4b237d9a8bad8c
-
SSDEEP
393216:aqPnLFXlrPrQ8DOETgs77fGqgUvvEVCR0NfkPq:vPLFXNjQhE7rX0cKr
Score7/10-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-