General

  • Target

    18c18527b436e17fba8925bd48dd6f0f.bin

  • Size

    217KB

  • Sample

    241109-bgyf5asrc1

  • MD5

    e328641571fb2427d5205680a202cf57

  • SHA1

    2e09343dbc0a95162f1114f6a4d0273dd41ac90d

  • SHA256

    1f570ab47e21bb896e5007c05467e5ff1db5b76bef203f00b776f9884752af3a

  • SHA512

    05f5739c7281cf16d1fec016a7c1b7c6a41163a6bb7e671910103d387cec1b5340291cd0d96b601ac51a8c87ee72d10c0bb2bb59b53a87ce5eb511717531d556

  • SSDEEP

    3072:YOLr/cc0NXQ4m4+28ibk5TCqWAJtl26k9xk9cdsr023wqUPRo2zrjPkBgXoVtC7C:J+NgBA5CCqdJvk9XdnRo2Noyke+

Score
7/10

Targets

    • Target

      d102ed2d84c737932c4245554677db93f5b5681fdde8814755f1038575dda07f.exe

    • Size

      475KB

    • MD5

      18c18527b436e17fba8925bd48dd6f0f

    • SHA1

      e90cdb0019fce78abcdd22930f0ba0d1d9f5059d

    • SHA256

      d102ed2d84c737932c4245554677db93f5b5681fdde8814755f1038575dda07f

    • SHA512

      33510e44e7b81a007e7e3dc085a52e5768a11a526b5c86e7d1e0838dc1ebae17377110a47cd70d937537db7885a0a178f31693837a92701b59a69a20df61bc64

    • SSDEEP

      6144:KfnxJH6DCEuxuqyM7+YYZ7NsdhAT0U6kuLY9tHfr0a1TatqbbDN3sJEoW:2xJaDCE6uBu+YYzn0UrBAaRatYk/

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
