General
-
Target
2f06a059e40ae464f488b22487502a00N.exe
-
Size
162KB
-
Sample
240721-agxzxs1fnc
-
MD5
2f06a059e40ae464f488b22487502a00
-
SHA1
dab08c3c6d85cc0ab1e964b79aa47ed11b793b64
-
SHA256
b19d7becb686d1b1130ee3e7e3e50c3271b6e4ebdccc91abb15b10749c96fed6
-
SHA512
925d3aadf3509e1c52defc1d95c70995be19d4c95873b81aded68d828afdc713aaa66a0a40ffbda2d4c54911daeafbbf9e2283e6f199eb8735d8afea5a10a432
-
SSDEEP
3072:sQc01zAf6QGkBIO20Zlv92cKAArDZz4N9GhbkrNEkE1:sQcygYkBIOFLIyN90QE
Malware Config
Targets
-
-
Target
2f06a059e40ae464f488b22487502a00N.exe
-
Size
162KB
-
MD5
2f06a059e40ae464f488b22487502a00
-
SHA1
dab08c3c6d85cc0ab1e964b79aa47ed11b793b64
-
SHA256
b19d7becb686d1b1130ee3e7e3e50c3271b6e4ebdccc91abb15b10749c96fed6
-
SHA512
925d3aadf3509e1c52defc1d95c70995be19d4c95873b81aded68d828afdc713aaa66a0a40ffbda2d4c54911daeafbbf9e2283e6f199eb8735d8afea5a10a432
-
SSDEEP
3072:sQc01zAf6QGkBIO20Zlv92cKAArDZz4N9GhbkrNEkE1:sQcygYkBIOFLIyN90QE
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops file in System32 directory
-