General
-
Target
3c543e42a3654dead458826fb4c5408abb0b308c6912a113e712515272fcf38c.exe
-
Size
628KB
-
Sample
210211-t4l1apdc26
-
MD5
bd2e89f1c7dbcec5689cafcfda4cb74f
-
SHA1
4a946e07f82ee1b9259fce87d3f82cb0937cf0cc
-
SHA256
3c543e42a3654dead458826fb4c5408abb0b308c6912a113e712515272fcf38c
-
SHA512
d1ed79cc03364350e4b2fe2995206c517262753162fdbaa12d77a56fbed6f144e1f367f2f51cb868a065da56a861c283bb203aac250638e7f6db1a3c7e60f207
Malware Config
Targets
-
-
Target
3c543e42a3654dead458826fb4c5408abb0b308c6912a113e712515272fcf38c.exe
-
Size
628KB
-
MD5
bd2e89f1c7dbcec5689cafcfda4cb74f
-
SHA1
4a946e07f82ee1b9259fce87d3f82cb0937cf0cc
-
SHA256
3c543e42a3654dead458826fb4c5408abb0b308c6912a113e712515272fcf38c
-
SHA512
d1ed79cc03364350e4b2fe2995206c517262753162fdbaa12d77a56fbed6f144e1f367f2f51cb868a065da56a861c283bb203aac250638e7f6db1a3c7e60f207
Score7/10-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Enumerates physical storage devices
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-