General
-
Target
4065ecab84de0e165c80a963849fcf49930d8c097fe0ca2995eabba236f075ee
-
Size
440KB
-
Sample
221011-nt1hgacfb3
-
MD5
7022c453ca06225bad26771912c2e1d0
-
SHA1
0e14eeeb1eccfb61b4faee53738e9c86c5fd2134
-
SHA256
4065ecab84de0e165c80a963849fcf49930d8c097fe0ca2995eabba236f075ee
-
SHA512
bfcc93f819ccbbe9c5f7e53539101a347540df0a2f90d0ec7e684b5592e952019f65b7d8831c8e9aaa51302b79d597d8f217c094b5b60cd13f7fc3fd4ed9478b
-
SSDEEP
6144:nngZhEgiyePgcd9npTI7vpaOGL0w8XngJ3ZanZ1uvlFDs25tuAYsnHsiW08EeBnH:ngVLehdRpTIVafgaTl9WuZE0Y8a
Malware Config
Targets
-
-
Target
4065ecab84de0e165c80a963849fcf49930d8c097fe0ca2995eabba236f075ee
-
Size
440KB
-
MD5
7022c453ca06225bad26771912c2e1d0
-
SHA1
0e14eeeb1eccfb61b4faee53738e9c86c5fd2134
-
SHA256
4065ecab84de0e165c80a963849fcf49930d8c097fe0ca2995eabba236f075ee
-
SHA512
bfcc93f819ccbbe9c5f7e53539101a347540df0a2f90d0ec7e684b5592e952019f65b7d8831c8e9aaa51302b79d597d8f217c094b5b60cd13f7fc3fd4ed9478b
-
SSDEEP
6144:nngZhEgiyePgcd9npTI7vpaOGL0w8XngJ3ZanZ1uvlFDs25tuAYsnHsiW08EeBnH:ngVLehdRpTIVafgaTl9WuZE0Y8a
Score10/10-
Modifies visibility of file extensions in Explorer
-
UAC bypass
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Drops file in System32 directory
-