General
-
Target
3c38c0d12a9c8a2a8d08a2f711a11e87ba0b223543abc1302d320e5cc34b12a0(1)
-
Size
1.9MB
-
Sample
210505-3f8jpt4h9s
-
MD5
6080a39b17dffe1e740f2bef3c03b0d2
-
SHA1
a50798b05a482df97f841b847cbef88c67b6e181
-
SHA256
3c38c0d12a9c8a2a8d08a2f711a11e87ba0b223543abc1302d320e5cc34b12a0
-
SHA512
70f3fa4f26532957b85b8cf6a2dce497f9f6d8c0d15ee60366abf6d9d909b3f63c1f8a80cd32188bc887fb270b18b36646ac7a6918f37a91fdcad7858af78569
Malware Config
Targets
-
-
Target
3c38c0d12a9c8a2a8d08a2f711a11e87ba0b223543abc1302d320e5cc34b12a0(1)
-
Size
1.9MB
-
MD5
6080a39b17dffe1e740f2bef3c03b0d2
-
SHA1
a50798b05a482df97f841b847cbef88c67b6e181
-
SHA256
3c38c0d12a9c8a2a8d08a2f711a11e87ba0b223543abc1302d320e5cc34b12a0
-
SHA512
70f3fa4f26532957b85b8cf6a2dce497f9f6d8c0d15ee60366abf6d9d909b3f63c1f8a80cd32188bc887fb270b18b36646ac7a6918f37a91fdcad7858af78569
Score10/10-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops file in System32 directory
-