General
-
Target
3d1c9304971d59f57337749210674d40N.exe
-
Size
244KB
-
Sample
240814-g41gwssgmr
-
MD5
3d1c9304971d59f57337749210674d40
-
SHA1
b19b0c6925a181e0626203553e616d31903d0ae0
-
SHA256
846164d837e01acacb2809bd34a7f94a9f76e13e6023688cb6907f69c07cea07
-
SHA512
ebde29774e1d12a40a836b26a5adb0052b268537ae9caf507e33cd39f8519e74cb9cbc0cad8f001950cd20727902f41245bebaee3ddfb5e9c9e03b4b105bd0da
-
SSDEEP
6144:dXC4vgmhbIxs3NBBWafJ2iWurbwUmjEj+3DZm6kIB9Y+lfNzWQhFkDXaD:dXCNi9BAsJxrbwQaTZm6VfNz1DkTI
Malware Config
Targets
-
-
Target
3d1c9304971d59f57337749210674d40N.exe
-
Size
244KB
-
MD5
3d1c9304971d59f57337749210674d40
-
SHA1
b19b0c6925a181e0626203553e616d31903d0ae0
-
SHA256
846164d837e01acacb2809bd34a7f94a9f76e13e6023688cb6907f69c07cea07
-
SHA512
ebde29774e1d12a40a836b26a5adb0052b268537ae9caf507e33cd39f8519e74cb9cbc0cad8f001950cd20727902f41245bebaee3ddfb5e9c9e03b4b105bd0da
-
SSDEEP
6144:dXC4vgmhbIxs3NBBWafJ2iWurbwUmjEj+3DZm6kIB9Y+lfNzWQhFkDXaD:dXCNi9BAsJxrbwQaTZm6VfNz1DkTI
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-