General
-
Target
1DED78A44A6A508EDE0D043BDF0FBDFE.exe
-
Size
29.6MB
-
Sample
210726-nv62vl5g7e
-
MD5
1ded78a44a6a508ede0d043bdf0fbdfe
-
SHA1
096b5221378ebf385ded0d5c1298ceaec0264b34
-
SHA256
bf74501ed4ba4b301a715cd9110fe2f91ef7124656016d99dbb2f1146a80d232
-
SHA512
07a880cc3dd70a25852f1ec2b38aaf443fe28d9fbc0a4629b31216790d96a9b753fcaa0aeda56de280663c198df1a617d74563446b5c453d6f48c33ac24fb1c5
Malware Config
Targets
-
-
Target
1DED78A44A6A508EDE0D043BDF0FBDFE.exe
-
Size
29.6MB
-
MD5
1ded78a44a6a508ede0d043bdf0fbdfe
-
SHA1
096b5221378ebf385ded0d5c1298ceaec0264b34
-
SHA256
bf74501ed4ba4b301a715cd9110fe2f91ef7124656016d99dbb2f1146a80d232
-
SHA512
07a880cc3dd70a25852f1ec2b38aaf443fe28d9fbc0a4629b31216790d96a9b753fcaa0aeda56de280663c198df1a617d74563446b5c453d6f48c33ac24fb1c5
Score9/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Enumerates VirtualBox DLL files
-
Looks for VirtualBox drivers on disk
-
Looks for VirtualBox executables on disk
-
Drops file in Drivers directory
-
Looks for VMWare drivers on disk
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops file in System32 directory
-