Extracted

• • Target

    2407606222dae967c25166199b042e94b2fda8aa7d786327fb29ed6d5dcc371d

  • Size

    126KB

  • MD5

    6906aba043866469073b168d316de966

  • SHA1

    f943c4b420d8ebf17424a1ed8081f29bed27f4f6

  • SHA256

    2407606222dae967c25166199b042e94b2fda8aa7d786327fb29ed6d5dcc371d

  • SHA512

    fbd7a592cd637c441e2ee302c7eb210fec4261e9159adbafbaa814b9635967eb5bdb99e4c233cbde58fa6b968cc0317beade0b0efc86efd5da97d7b55794df7b

  • SSDEEP

    3072:zpF3T6kXMn/Yf96OHt1SNh/dX2miQpWv2IeXhHYM4p4m0e1AB:zHOUMnY96OmN7l/ieX11z

  Score

  10^/10

  persistencespywarestealer

  • Drops file in Drivers directory

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2