General
-
Target
Rage Injector v2.0.exe
-
Size
444KB
-
Sample
210408-d5j29hx4ms
-
MD5
3cd5c25179eb316711630698a713b187
-
SHA1
d77ec46b4bd6d47e4b167ce1aaabec72981730a6
-
SHA256
f4f845267f7126cfdfc8ca2aa6ebe1dd3833a74e393b1d0acf76cb33acb3e740
-
SHA512
ef7f6dbcaba58289b61fb9bc29d1707caa9d66e8f662a79a29af38cc2fb8e25054e5e7157263c70e93c852d2cf5780e2df3bdacc3d567d4cedf26cd2d5502652
Malware Config
Targets
-
-
Target
Rage Injector v2.0.exe
-
Size
444KB
-
MD5
3cd5c25179eb316711630698a713b187
-
SHA1
d77ec46b4bd6d47e4b167ce1aaabec72981730a6
-
SHA256
f4f845267f7126cfdfc8ca2aa6ebe1dd3833a74e393b1d0acf76cb33acb3e740
-
SHA512
ef7f6dbcaba58289b61fb9bc29d1707caa9d66e8f662a79a29af38cc2fb8e25054e5e7157263c70e93c852d2cf5780e2df3bdacc3d567d4cedf26cd2d5502652
Score10/10-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-