General
-
Target
0x0008000000022ebf-137.dat
-
Size
301KB
-
Sample
220506-sdvz9scgar
-
MD5
a28dd9f9e5e5b9cd4ed4678f272ae95b
-
SHA1
8baf92898954d076879daf50bcd2b895ecd15f83
-
SHA256
503f345095e5aa479b922a79aa479394a7ecedc9eba9d396a2a82c4649a479d1
-
SHA512
a20b9661804f8b787434d70c7beccddef9a013bd76cab31f94e7da1162b8ed764e195d626e3ae7522e5f4581c169cd34ae190eb60f2b370859d2994f5ab7e310
Malware Config
Targets
-
-
Target
0x0008000000022ebf-137.dat
-
Size
301KB
-
MD5
a28dd9f9e5e5b9cd4ed4678f272ae95b
-
SHA1
8baf92898954d076879daf50bcd2b895ecd15f83
-
SHA256
503f345095e5aa479b922a79aa479394a7ecedc9eba9d396a2a82c4649a479d1
-
SHA512
a20b9661804f8b787434d70c7beccddef9a013bd76cab31f94e7da1162b8ed764e195d626e3ae7522e5f4581c169cd34ae190eb60f2b370859d2994f5ab7e310
Score10/10-
suricata: ET MALWARE Vidar/Arkei/Megumin Stealer Keywords Retrieved
suricata: ET MALWARE Vidar/Arkei/Megumin Stealer Keywords Retrieved
-
suricata: ET MALWARE W32/Agent.OGR!tr.pws Stealer
suricata: ET MALWARE W32/Agent.OGR!tr.pws Stealer
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses 2FA software files, possible credential harvesting
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-