General
-
Target
88c8a43e9f0d9635f1995352395d79a7
-
Size
113KB
-
Sample
211019-msvedsgfak
-
MD5
88c8a43e9f0d9635f1995352395d79a7
-
SHA1
e6ce82d100b82640cc87dce086e1a35d87e5418f
-
SHA256
82c0fe6ee7c50aab66003d62b80181a69984dd2f46afdc0f0b264b4f9c087ad5
-
SHA512
280c955488dc171b48552ee97fb950e384b5e233397850adcd91dab591d7b5558e3304381ee8c0d658062f71903d6e3524faef7bab8747339b37b91375aff349
Malware Config
Extracted
redline
z0rm1onrnaclove
185.215.113.94:54621
Targets
-
-
Target
88c8a43e9f0d9635f1995352395d79a7
-
Size
113KB
-
MD5
88c8a43e9f0d9635f1995352395d79a7
-
SHA1
e6ce82d100b82640cc87dce086e1a35d87e5418f
-
SHA256
82c0fe6ee7c50aab66003d62b80181a69984dd2f46afdc0f0b264b4f9c087ad5
-
SHA512
280c955488dc171b48552ee97fb950e384b5e233397850adcd91dab591d7b5558e3304381ee8c0d658062f71903d6e3524faef7bab8747339b37b91375aff349
Score7/10-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-