General
Target: main.exe
Size: 17.7MB
Sample: 240617-elvskstbkb
MD5: 1218458c131c3faf20bb942251afd7f8
SHA1: 87be9f8da45d9f51d050440f4f6cf45b0ee6f882
SHA256: cb0627349dee9729bc6845b5d6665d9e38aaa1437eebde75ea3b5adf4b57def6
SHA512: 4062f3e747d8b92edc828969c1004382ff3dfb50647b703bd5900200b6522e2a9c15d2ce5c42e7de41a9317fa99f277ff50e13c8770d7183af1c4f6ef2a110be
SSDEEP: 393216:6qPnLFXli/Ap+IzA9603kQ1eHG2QX7GJOgUSuXq25/JksxP4xz6HUN/:PPLFX4/K+L6Q1XvCOxSuXJQsxYzUU1
Behavioral task: behavioral1
Sample: main.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: main.exe
Resource: win10v2004-20240508-en
Behavioral task: behavioral3
Sample: main.pyc
Resource: win7-20231129-en
Behavioral task: behavioral4
Sample: main.pyc
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: main.exe
Score: 7/10
Loads dropped DLL
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Target: main.pyc
Size: 7KB
MD5: 2b5b066e99c360eca58bd7bff839796c
SHA1: aae265e41c4c51ecb59f5333a7eb987a23e069cc
SHA256: a2c76754b014a8eb138b9898da92753fbb315eed50ba01e15d6fa3c519aecb8a
SHA512: d035d3ec39a9e16b943d69fb3d998cfca32eeb94debe3fa278e4687937bf4ac3253452df11bd53baa44d1d2d3f480d84e2c682dc2d8eb6704aafd570de582282
SSDEEP: 192:wtkbmsD8M8tWdXwWHo3O3zPbJhw/cMdwMlLnw:ggm7Wu+HD12EPAw
Score: 3/10