General
-
Target
8fba92e7730c734197c8e5977533df77.exe
-
Size
975KB
-
Sample
220420-hgxcdshgam
-
MD5
8fba92e7730c734197c8e5977533df77
-
SHA1
8106d808d0199d230b5943f15b1d85d05334d3ea
-
SHA256
72cb26ac08fa4ba35112a093b506eb97f730537f9a011a20ad8049d4da6fcb77
-
SHA512
ab1e7246e219b63b65082de10be4f6880bee0e1b04a50722bb7a1b8cfa81853a5793f581decfc43b5f1cf02d01fdd4fa3bc047cbc28afc0f37f6f87b75b397bb
Malware Config
Targets
-
-
Target
8fba92e7730c734197c8e5977533df77.exe
-
Size
975KB
-
MD5
8fba92e7730c734197c8e5977533df77
-
SHA1
8106d808d0199d230b5943f15b1d85d05334d3ea
-
SHA256
72cb26ac08fa4ba35112a093b506eb97f730537f9a011a20ad8049d4da6fcb77
-
SHA512
ab1e7246e219b63b65082de10be4f6880bee0e1b04a50722bb7a1b8cfa81853a5793f581decfc43b5f1cf02d01fdd4fa3bc047cbc28afc0f37f6f87b75b397bb
Score8/10-
Blocklisted process makes network request
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-