General
-
Target
ed86d263ebbf3597a1ae0616307a1bee1146ee7c0e7f936afd4a3e3de8234f16
-
Size
611KB
-
Sample
221011-v1s6asffhn
-
MD5
634e14ce49d9c04b9003107ca6bfbaae
-
SHA1
da3a3d6caeda7049986d8dd0efda28efae48ac0d
-
SHA256
ed86d263ebbf3597a1ae0616307a1bee1146ee7c0e7f936afd4a3e3de8234f16
-
SHA512
91404a931fbc8dabe6541e6f0fba18cd1a15f41ca0e5bc732bd5ece5562c58f940dccb66970faf2af3ea309aa1f21e69a80f6dbb22205f0771b3aadd9b9a5613
-
SSDEEP
12288:LtSvEm7vWmjugXUYRy5X/TxDnsH32M9A/oj79A:LIv7tXUOEPTxLsVew7C
Malware Config
Targets
-
-
Target
ed86d263ebbf3597a1ae0616307a1bee1146ee7c0e7f936afd4a3e3de8234f16
-
Size
611KB
-
MD5
634e14ce49d9c04b9003107ca6bfbaae
-
SHA1
da3a3d6caeda7049986d8dd0efda28efae48ac0d
-
SHA256
ed86d263ebbf3597a1ae0616307a1bee1146ee7c0e7f936afd4a3e3de8234f16
-
SHA512
91404a931fbc8dabe6541e6f0fba18cd1a15f41ca0e5bc732bd5ece5562c58f940dccb66970faf2af3ea309aa1f21e69a80f6dbb22205f0771b3aadd9b9a5613
-
SSDEEP
12288:LtSvEm7vWmjugXUYRy5X/TxDnsH32M9A/oj79A:LIv7tXUOEPTxLsVew7C
Score9/10-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Enumerates VirtualBox registry keys
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-