General
-
Target
568ca6a7f3c71f74bb99ad85a84f4242424487e716c0eb30b6af588b0b31206c
-
Size
1.0MB
-
Sample
220725-c6v8qsbfbm
-
MD5
4fddee46c9cc4c48422fb8fe875b03e2
-
SHA1
4053c69b1e57ab66916f6b738ea0e4bd18e41397
-
SHA256
568ca6a7f3c71f74bb99ad85a84f4242424487e716c0eb30b6af588b0b31206c
-
SHA512
e9e8a62930cc350001c1ff6fccf11ee9586440db76b83be0fcc08f67f19329a664f210a9592ea6ada80095ff8d6211d9b2ac7d6101843ab02a462f4e6f4fdc07
Malware Config
Targets
-
-
Target
568ca6a7f3c71f74bb99ad85a84f4242424487e716c0eb30b6af588b0b31206c
-
Size
1.0MB
-
MD5
4fddee46c9cc4c48422fb8fe875b03e2
-
SHA1
4053c69b1e57ab66916f6b738ea0e4bd18e41397
-
SHA256
568ca6a7f3c71f74bb99ad85a84f4242424487e716c0eb30b6af588b0b31206c
-
SHA512
e9e8a62930cc350001c1ff6fccf11ee9586440db76b83be0fcc08f67f19329a664f210a9592ea6ada80095ff8d6211d9b2ac7d6101843ab02a462f4e6f4fdc07
Score10/10-
suricata: ET MALWARE Win32/Kelihos.F Checkin
suricata: ET MALWARE Win32/Kelihos.F Checkin
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-