General
-
Target
0792e8497d8a29e9d8927ef8acb9c7e92f92bd976e95394c69f8b16dab924070
-
Size
10.8MB
-
Sample
221124-exmw4sgg26
-
MD5
a37dd0c24d303408e5d656532a20afd1
-
SHA1
08b49aef84d1416fa5123b478f567dfc329fb7ee
-
SHA256
0792e8497d8a29e9d8927ef8acb9c7e92f92bd976e95394c69f8b16dab924070
-
SHA512
55e7ffcb770450423c8a3d020008ba5dcc7f1bcb28cae8935ee854cd55ed81b1362e1c7846cb525fbd718cce0602f945789bf362206160e5597b33b57c8e88f3
-
SSDEEP
196608:G3qLfCYlul+oaoOlj+RiKopfnbsTV10zhhdmgTkOfo8MvcagklqklYssoSz/Mk7i:G6L3l1vj+RiPhAV1AhbTI8MEagklqklE
Static task
static1
Behavioral task
behavioral1
Sample
0792e8497d8a29e9d8927ef8acb9c7e92f92bd976e95394c69f8b16dab924070.exe
Resource
win7-20220812-en
Malware Config
Targets
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-