General
Target: ConsoleApplication2.exe
Size: 4.4MB
Sample: 240608-rm9pcacd5t
MD5: e3daf41ed04e349c7fd2af96a9880036
SHA1: 3796281e73b24d5aa01e1d81989c1183fe03b6f8
SHA256: bc1eac1a1303c0d8239e3ece3ec3f1fd7a4a835357483649964184d8a95ef68b
SHA512: 14ab2ac3c2c6296e55bca81555dbc8a266591dd8811ce6fd3d100e214f29c2dab9db13a28196d060a3de62ac5b71e72eed3ad71ba1e8aedd8b8836b9d72ace7d
SSDEEP: 49152:OtvD5wjumUp3X+EI1Cq7779sDy3kv3H5FLsaxdNOhRFDf/LgpnPbFhz0gvN+htWa:OtvD5wi5ECq7om5/L2F
Malware Config
Targets
Target
ConsoleApplication2.exe
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Legitimate hosting services abused for malware hosting/C2

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.