Extracted

• • Target

    1e4e62fe9bbe9a19978b3dc4f7b7ef41bbd555e6e78db.exe

  • Size

    292KB

  • MD5

    252a2921b046023bc69dc7abab70a73b

  • SHA1

    ded51e77e9f2d1a7ed15e03511785930b040e79d

  • SHA256

    1e4e62fe9bbe9a19978b3dc4f7b7ef41bbd555e6e78db4407545b9a845061e24

  • SHA512

    b9738aad44894f61d9ccdbe18e549177f52a8421615930b3c510e82e09f15d5a1cee66a5b03ef7f26ed28374ad8853ed07a64c939af33c66ac4a28d78a017bd9

  • SSDEEP

    6144:HIgiKxtFbLGxHNJPrcUoSSwu5To9j5nmnaaf9Bg+RhbqUYH:HfFPGJrcUoSSwu5To9jQnao9BrRhb

  Score

  7^/10

  discoveryspywarestealer

  • Deletes itself

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses 2FA software files, possible credential harvesting

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2