General

  • Target

    IDM.v6.42.Build.23.Crack.zip

  • Size

    2.4MB

  • Sample

    241021-qkln3axarp

  • MD5

    b7becab9ac90f31b0466c72666085a03

  • SHA1

    570d498d26484daf1b9930b440511f37fea1da63

  • SHA256

    0964ba7dcdfe4f1e84e0691e003dfc823a1fcf11f700fdd4fead4f2d51493968

  • SHA512

    53f31e229de8cfdbe04a64a1a861b843d1c5665f09cef948b0ead1762dd9ade8b5ea20725ce7ec462e250362c9f6be8224bf9253b63b4c809017f644dd230fd7

  • SSDEEP

    49152:ppLRBc9QS0PUUbvN/jyCHGSM+BH+gf6AjfZVZT2MU2UbLP4CxbD58g5mkR:ppdbS0J1jyWGSrhf6aZpSP4CFWgIkR

Malware Config

Targets

    • Target

      IDM.v6.42.Build.23.Crack/IDM Protection Key Cleaner.bat

    • Size

      8KB

    • MD5

      66e736d158131ada43af4b98d84f880b

    • SHA1

      6ae6255d12b1aedc3218ad5593c1d7a49d3a74e0

    • SHA256

      1d83a1b5830aeef9533a2cacbabf880da6d71e17031dd1d46e1b3d3e5768d9fe

    • SHA512

      7a5896b4221608bf32a7d35fd268c896c41abc47c06a3e761f7d213a372e9d7080ed508f7bad1e3bbd9c0fd6563bfb45bf2081dc66d9c490caa8455d296b91cf

    • SSDEEP

      192:IJGsSXczOrcf1NrAfCvIzxflf0kREPTvDHbhgzrhtytc:IGdREjDHbaXic

    Score
    1/10

    • Target

      IDM.v6.42.Build.23.Crack/IDMan.exe

    • Size

      5.7MB

    • MD5

      daf54987ccc97d11be5ee6b64dc67971

    • SHA1

      7a73850ddd52ec58d6872c1c65ed4527b80f22e4

    • SHA256

      b1d164a14fc8141f61f473e4a16d52d8d9bfde489ddf04c859fca4732f770a81

    • SHA512

      17d94bdc7b08ad67abdcf1a5b4cbe8eaf699bfa3e67ef158e835053c7aabd199c081ce9b0155c61e65d72fe491e15e5274a779b2c71a745532cbd2baa577eb7b

    • SSDEEP

      98304:hd2GmK+m8zSw+MU0P4b18frP3wbzWFimaI7dloT:6VK38zfqwgbzWFimaI7dlG

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plug-ins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks