General
-
Target
415fc7deafa34c0368bd636bfc550d2f442d74d5d39f2f18739b4a677d1c51f6
-
Size
243KB
-
Sample
221029-zkcktsfagq
-
MD5
84c3d5e82d228a1099b370e6dbcc1a30
-
SHA1
7415400c2112a608e4f8df69fd3804e2659c5ea9
-
SHA256
415fc7deafa34c0368bd636bfc550d2f442d74d5d39f2f18739b4a677d1c51f6
-
SHA512
54ceef2c05c1444a9ee5dc1798312898ec5d3ba61c03636691917eb9dc6fe500a9fbefe469eb3921eb74767b3993e50da74dd07bb636779210bb2a8081ab6a92
-
SSDEEP
3072:aq+kzUMIXLZdz1gfOkwgPf0/HJqCQbKjn905m9gtcz5b7ehDhdj97n9tSPHG7jgQ:V+kzUMIbZdzmGknwBJb7qhKPm7jY4
Malware Config
Targets
-
-
Target
415fc7deafa34c0368bd636bfc550d2f442d74d5d39f2f18739b4a677d1c51f6
-
Size
243KB
-
MD5
84c3d5e82d228a1099b370e6dbcc1a30
-
SHA1
7415400c2112a608e4f8df69fd3804e2659c5ea9
-
SHA256
415fc7deafa34c0368bd636bfc550d2f442d74d5d39f2f18739b4a677d1c51f6
-
SHA512
54ceef2c05c1444a9ee5dc1798312898ec5d3ba61c03636691917eb9dc6fe500a9fbefe469eb3921eb74767b3993e50da74dd07bb636779210bb2a8081ab6a92
-
SSDEEP
3072:aq+kzUMIXLZdz1gfOkwgPf0/HJqCQbKjn905m9gtcz5b7ehDhdj97n9tSPHG7jgQ:V+kzUMIbZdzmGknwBJb7qhKPm7jY4
Score8/10-
Drops file in Drivers directory
-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-