General
-
Target
7e9a93c69aecfc2bbda9470fbd4556db.exe
-
Size
14KB
-
Sample
240210-snfnbsfd59
-
MD5
7e9a93c69aecfc2bbda9470fbd4556db
-
SHA1
ab0e810472a897affac1a761b49595939f6897a9
-
SHA256
82e68bb4f56181a0b2458f2861aa7b5fa1bb0f4ce30907d579c3b92707ef2647
-
SHA512
59abfa455c148c88959f992864de627857e950d9abb36b49efd979da4139a50847932d9577d658d0d793802ef5a6f6b91520440af2ff983dbf04126cf909d342
-
SSDEEP
384:1R8wtU1eai/zbM/XygkxOu6cyhLWi1fXlSW:1eCU1vi7blHhyhiij
Static task
static1
Behavioral task
behavioral1
Sample
7e9a93c69aecfc2bbda9470fbd4556db.exe
Resource
win7-20231215-en
Malware Config
Targets
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Scheduled Task/Job: 1