General
-
Target
c0e0b04921939fa617c707b94b555b19ea737d6ee1606293d5b44f88a3ace74cN
-
Size
1005KB
-
Sample
240928-dqyvcswgpe
-
MD5
1386c886895587d556d849d374f99c00
-
SHA1
af9a17f5fc3069af875d7e48d77f570f490c035e
-
SHA256
c0e0b04921939fa617c707b94b555b19ea737d6ee1606293d5b44f88a3ace74c
-
SHA512
46f60d55f0a6b28bd3fbd5846e8e02be1ea469475b90112b7bef058ff70dcffb6b1ad27ea6bb654f9941c9ed7d60ff712a6eb7d74e7d5d2eb505c6283b9cc22f
-
SSDEEP
24576:T0m7MVyppWwUeY/vnS5QhJfgtwy+dFA0zq:RMwEeY//IQhJowy+Tq
Static task
static1
Behavioral task
behavioral1
Sample
c0e0b04921939fa617c707b94b555b19ea737d6ee1606293d5b44f88a3ace74cN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c0e0b04921939fa617c707b94b555b19ea737d6ee1606293d5b44f88a3ace74cN.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
c0e0b04921939fa617c707b94b555b19ea737d6ee1606293d5b44f88a3ace74cN
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1
Credentials from Web Browsers
1
Unsecured Credentials
1
Credentials In Files
1