General
-
Target
be5d8e16d33512f55cc91a911bfbf6ac9c7cc1d3dcba2d745a1649b0cea70534N
-
Size
970KB
-
Sample
240930-qlmbzs1fre
-
MD5
d465108e169d89bfad4ed5787570dba0
-
SHA1
16b10d336b4386771a94d828f9af5757948ae750
-
SHA256
be5d8e16d33512f55cc91a911bfbf6ac9c7cc1d3dcba2d745a1649b0cea70534
-
SHA512
02288f89dac9f575eeb4ae1ed2ee5ab4fea7b7cac59e1417a73f41a3ae020733be6927eadd1de4f9da73fa42e7f5259a3300b2d3583e72e25dfa5d4260b5f634
-
SSDEEP
24576:RV5fin1sAT4v8U0bue7mRl7muSHDpjKJRl1BKF81Ws:DZ6ue7gNHSjpjK3LBj
Static task
static1
Behavioral task
behavioral1
Sample
be5d8e16d33512f55cc91a911bfbf6ac9c7cc1d3dcba2d745a1649b0cea70534N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
be5d8e16d33512f55cc91a911bfbf6ac9c7cc1d3dcba2d745a1649b0cea70534N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
be5d8e16d33512f55cc91a911bfbf6ac9c7cc1d3dcba2d745a1649b0cea70534N
Score 7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Credential Access
Credentials from Password Stores (1)
Credentials from Web Browsers (1)
Unsecured Credentials (1)
Credentials In Files (1)