General
Target: 5c8e4758ca55c7b3f6379d2edccdfd9616517eb420887601115f7736b25e6930.bin.sample
Size: 2.3MB
Sample: 201028-791vlm56vs
MD5: 3fa08a11d59047a429dd90fcc15a6a87
SHA1: 60a15cd2a326fd390a80a6056843f3721c33e3ff
SHA256: 5c8e4758ca55c7b3f6379d2edccdfd9616517eb420887601115f7736b25e6930
SHA512: 6a23ec6be673d9607c080a2e1d35751d0622efc7f27500e5370bfc61fa5361cd2aed4a76e87a0c729f754cd78aa353475cb44b72fbcdfe47f094ce6ec219476a
Static task: static1
Behavioral task: behavioral1
Sample: 5c8e4758ca55c7b3f6379d2edccdfd9616517eb420887601115f7736b25e6930.bin.sample.exe
Resource: win7
Behavioral task: behavioral2
Sample: 5c8e4758ca55c7b3f6379d2edccdfd9616517eb420887601115f7736b25e6930.bin.sample.exe
Resource: win10
Malware Config
Targets
Score: 10/10
Suspicious use of NtCreateProcessExOtherParentProcess
Drops file in Drivers directory
Modifies Installed Components in the registry
Drops startup file
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
Drops file in System32 directory