General
Target: 7ad55cd8adc9df4f0f8ae3e7d6844091c712fb94a2c0a0915890f49e9b21ed3b
Size: 293KB
Sample: 221106-kbcf5sebbl
MD5: 3138b27c92313e95ad7faa175b1b0170
SHA1: fd846b03aa6a95d3a132e7b2cfe62926a8a7119c
SHA256: 7ad55cd8adc9df4f0f8ae3e7d6844091c712fb94a2c0a0915890f49e9b21ed3b
SHA512: 7f6aa28c8b6389da7281e555cee4f42d3d3e7b14a08ff9b9ae1daa20aa72fe5a428fc15586c85e9bb43c68b9c5c8643364d6fdea749c9bae3b1a8ef1b8d8d72c
SSDEEP: 6144:Y2EABmlDWhTbaqoJipBoYiWvRu1wjHXFjjy76oLjGB6s:Y5ABmBEaEvReojs6oC6s
Static task: static1
Behavioral task: behavioral1
Sample: 7ad55cd8adc9df4f0f8ae3e7d6844091c712fb94a2c0a0915890f49e9b21ed3b.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 7ad55cd8adc9df4f0f8ae3e7d6844091c712fb94a2c0a0915890f49e9b21ed3b.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: 7ad55cd8adc9df4f0f8ae3e7d6844091c712fb94a2c0a0915890f49e9b21ed3b
Score: 8/10
Executes dropped EXE
Deletes itself
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext