General
-
Target
f36d31af6376629d99d10070608cc37c79552330e0c17124944e654351a5d351
-
Size
1.1MB
-
Sample
240701-e7rcaazcnr
-
MD5
4d3a22c40f210169c6196b2353dae499
-
SHA1
9e7bc7294f0894d255e096c152484c7f3950657e
-
SHA256
f36d31af6376629d99d10070608cc37c79552330e0c17124944e654351a5d351
-
SHA512
668903ded626c96db9018c17bb90499f4d1b429b4d9dbeac3993a59a8d0df75df0eba2c866d78b4550bbe01164ae59955ee0b3976acdfb04ef50fe6d5de12f95
-
SSDEEP
24576:oWy2ylusAm4MLxZRUF1Shnr+MSp8CHnafTMrsuZ:VyJV46ZRUzLMrfQn
Malware Config
Targets
-
-
Target
f36d31af6376629d99d10070608cc37c79552330e0c17124944e654351a5d351
-
Size
1.1MB
-
MD5
4d3a22c40f210169c6196b2353dae499
-
SHA1
9e7bc7294f0894d255e096c152484c7f3950657e
-
SHA256
f36d31af6376629d99d10070608cc37c79552330e0c17124944e654351a5d351
-
SHA512
668903ded626c96db9018c17bb90499f4d1b429b4d9dbeac3993a59a8d0df75df0eba2c866d78b4550bbe01164ae59955ee0b3976acdfb04ef50fe6d5de12f95
-
SSDEEP
24576:oWy2ylusAm4MLxZRUF1Shnr+MSp8CHnafTMrsuZ:VyJV46ZRUzLMrfQn
Score9/10-
Detects executables containing possible sandbox analysis VM usernames
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-