General
-
Target
e70c7dcdf6ebca91f79ae803d9c23038b953b3051c6615935c5bcfb3eb93a0e9
-
Size
2.0MB
-
Sample
240703-eq6qms1bmq
-
MD5
ef19346efc978bc79e699264ac6e944e
-
SHA1
5f9023077988daf5199b15f1136e96de92cf5616
-
SHA256
e70c7dcdf6ebca91f79ae803d9c23038b953b3051c6615935c5bcfb3eb93a0e9
-
SHA512
fd1995fa00cc122f11d1839a6261d55e2b7b4acd73c51dc4ef71fc877b2382e7350f728f60fa9c3870403e2af0a05fe37b2ff10f97f4399359ca3eb731f34aea
-
SSDEEP
49152:Cl0qnqiv91FFZ2CBES3RoM3jJW/cCc7V/xnJB:m0qn5RhoKgR8nB
Malware Config
Targets
-
-
Target
e70c7dcdf6ebca91f79ae803d9c23038b953b3051c6615935c5bcfb3eb93a0e9
-
Size
2.0MB
-
MD5
ef19346efc978bc79e699264ac6e944e
-
SHA1
5f9023077988daf5199b15f1136e96de92cf5616
-
SHA256
e70c7dcdf6ebca91f79ae803d9c23038b953b3051c6615935c5bcfb3eb93a0e9
-
SHA512
fd1995fa00cc122f11d1839a6261d55e2b7b4acd73c51dc4ef71fc877b2382e7350f728f60fa9c3870403e2af0a05fe37b2ff10f97f4399359ca3eb731f34aea
-
SSDEEP
49152:Cl0qnqiv91FFZ2CBES3RoM3jJW/cCc7V/xnJB:m0qn5RhoKgR8nB
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-