General
-
Target
1c4e38c8ed1324dd35926d8e43a5cfd3c34980e960cef53f6f4acbb8ecf2454f
-
Size
98KB
-
Sample
240428-mgn38sdf33
-
MD5
9ca947cbd002cc95677ee88e6307fead
-
SHA1
e5c64d3d3c3d05d8cf0aea2809cf4d2403a5d758
-
SHA256
1c4e38c8ed1324dd35926d8e43a5cfd3c34980e960cef53f6f4acbb8ecf2454f
-
SHA512
616a0afd5051fecb7fb98a36447a4b14941bb250b4975f788b88739a32bfec53ba3bc3c3a020bd786442a37a0758255221fdbadb0bece4902e48e7c6cd5f77cd
-
SSDEEP
3072:8CYe+azbRPrlr9RXFHLK4ddJMY86ipmns6S:dd+azbRZvNKCJMYU
Malware Config
Targets
-
-
Target
1c4e38c8ed1324dd35926d8e43a5cfd3c34980e960cef53f6f4acbb8ecf2454f
-
Size
98KB
-
MD5
9ca947cbd002cc95677ee88e6307fead
-
SHA1
e5c64d3d3c3d05d8cf0aea2809cf4d2403a5d758
-
SHA256
1c4e38c8ed1324dd35926d8e43a5cfd3c34980e960cef53f6f4acbb8ecf2454f
-
SHA512
616a0afd5051fecb7fb98a36447a4b14941bb250b4975f788b88739a32bfec53ba3bc3c3a020bd786442a37a0758255221fdbadb0bece4902e48e7c6cd5f77cd
-
SSDEEP
3072:8CYe+azbRPrlr9RXFHLK4ddJMY86ipmns6S:dd+azbRZvNKCJMYU
Score7/10-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-