General
-
Target
Lost.exe
-
Size
13.5MB
-
Sample
240711-xhxrwazbjl
-
MD5
424379a523bfc83fd9d1d49ee77646e2
-
SHA1
88fb369aae68939600323ddfefd8dcbf77661c5a
-
SHA256
39ede861f87b3f423931768d41395acb3bd4112470c30812387dbd24428bec7f
-
SHA512
6b63c07d5a50ea38cdaf6792c58b010abe158cc9abb36b9fa39dc8f13dd357d24829c1221e442681a5874680f6d206309058be235742e9d0bfa503ca8950388c
-
SSDEEP
196608:nuEkwAc749UERBA1HeT39IigwE1ncKOVVtd97t86OkpPtQBN+j9WBsBTlqx5Kx:uEkwAck5q1+TtIiFg0VBxtXtR6ijEjS
Behavioral task
behavioral1
Sample
Lost.exe
Resource
win7-20240705-en
Malware Config
Targets
-
-
Target
Lost.exe
-
Drops startup file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-