General
-
Target
62d78ad3b7bf9441610d114bfc28ba98e3b837ce31418f47938609ac842b25d8
-
Size
1.1MB
-
Sample
221125-kkdqkaeb35
-
MD5
589e542e797c5853842d692221855347
-
SHA1
180fb3a204a3b6b54e349de423be054affb2aecf
-
SHA256
62d78ad3b7bf9441610d114bfc28ba98e3b837ce31418f47938609ac842b25d8
-
SHA512
34a62809c8ae47cd988f80565492346c87a30ce13781dbc9c6a12ce93e17925ea12458bc6b384c0da905a249f0c3275bb9188b5df9cb8fa912aad666d7c4429c
-
SSDEEP
3072:aSsvihLlTQz9z71iURo2SJJmY6uFNcgifDbmeTXwVdBR:rsqhJMxzJiU5SeLmNSbmebW1
Static task
static1
Behavioral task
behavioral1
Sample
62d78ad3b7bf9441610d114bfc28ba98e3b837ce31418f47938609ac842b25d8.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
62d78ad3b7bf9441610d114bfc28ba98e3b837ce31418f47938609ac842b25d8.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
62d78ad3b7bf9441610d114bfc28ba98e3b837ce31418f47938609ac842b25d8
Score
10/10
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Sets file execution options in registry
-
Drops startup file
-
Loads dropped DLL
-