General
-
Target
0cad2382600ae9db4fa729d3b35a70e5d136aa160cd5ffb213d6afca06171d34
-
Size
750KB
-
Sample
221020-lrwemagcc9
-
MD5
81070d64220b270178a5790ee7c91c60
-
SHA1
72e63c85d37a53262bad5ff68421d215b26687de
-
SHA256
0cad2382600ae9db4fa729d3b35a70e5d136aa160cd5ffb213d6afca06171d34
-
SHA512
e3dcc664b0839b02a5c911ef7208f97123d6e1e6020c1a1cfa88bd2f7ac9e83f8a6d54e353d412444bcad9d96bb871133280de753a8c687a1a18e9ca5d869b1f
-
SSDEEP
12288:X0ET3f76JlqUvpPGf2diDy5H/f6iWOSVTbjLroPvSmkO2ki4pQA8:XdMlqcPmDa/fnSVvroDk0
Static task
static1
Behavioral task
behavioral1
Sample
0cad2382600ae9db4fa729d3b35a70e5d136aa160cd5ffb213d6afca06171d34.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
0cad2382600ae9db4fa729d3b35a70e5d136aa160cd5ffb213d6afca06171d34.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
0cad2382600ae9db4fa729d3b35a70e5d136aa160cd5ffb213d6afca06171d34
-
Score
9/10
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Enumerates VirtualBox registry keys
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-