General
-
Target
ff2593b3abc60faa882faf492ca24894f773d8acbc58e6ca9e234e656d472024
-
Size
651KB
-
Sample
221004-d3zbnaahd7
-
MD5
ebd7837e9701cbdd740f9cededcd4938
-
SHA1
206abe6d3bd0d57d165d64f60639a55780c02232
-
SHA256
ff2593b3abc60faa882faf492ca24894f773d8acbc58e6ca9e234e656d472024
-
SHA512
e4ade75952f4206ddedd9bff8a948e0a530230a8c67b83e9fb16c06b0edb9268ad1dadbc5741240cdf25aed894ccbe37635800cd142714df8fb4925518a90e9c
-
SSDEEP
12288:ona9Wmicx1yh9LglCaOoxLLjlMHcFdfE6GSoSiaHzKvqWlllmyKCvZoLFp80MeU:on1cSbaOEFTFdc61FTJWllkyHvZoBp8O
Malware Config
Targets
-
-
Target
ff2593b3abc60faa882faf492ca24894f773d8acbc58e6ca9e234e656d472024
-
Size
651KB
-
MD5
ebd7837e9701cbdd740f9cededcd4938
-
SHA1
206abe6d3bd0d57d165d64f60639a55780c02232
-
SHA256
ff2593b3abc60faa882faf492ca24894f773d8acbc58e6ca9e234e656d472024
-
SHA512
e4ade75952f4206ddedd9bff8a948e0a530230a8c67b83e9fb16c06b0edb9268ad1dadbc5741240cdf25aed894ccbe37635800cd142714df8fb4925518a90e9c
-
SSDEEP
12288:ona9Wmicx1yh9LglCaOoxLLjlMHcFdfE6GSoSiaHzKvqWlllmyKCvZoLFp80MeU:on1cSbaOEFTFdc61FTJWllkyHvZoBp8O
Score8/10-
Disables taskbar notifications via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Windows security modification
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-