General
-
Target
ddc3fcf2b02ad4b657e87fcfcc279ee294304823c348814dd6f3e060be620013
-
Size
12.0MB
-
Sample
221126-e4pdhsca36
-
MD5
aa3ec0f7203921304247f150584b9695
-
SHA1
e1ef9f09b77d669dbf646a7b9d0a3c96d8ef5437
-
SHA256
ddc3fcf2b02ad4b657e87fcfcc279ee294304823c348814dd6f3e060be620013
-
SHA512
ef1d992c5f84ae3139a6d297f9074b1680ab4fbf46f650b2f3dc722901be645bdf19fc1b900c4d8be1c2f830157d5600605ce9864f874f59cb76c3a6e990675a
-
SSDEEP
196608:rd2ZMaYURyYGnzA2htJf1a29nheQ1Mq8qJN90bf7G/KD9jx3LnfdTF7coC6Y:rdUMaRyYGnftJta29he3qtN902gx3Lly
Malware Config
Targets
-
-
Target
ddc3fcf2b02ad4b657e87fcfcc279ee294304823c348814dd6f3e060be620013
-
Size
12.0MB
-
MD5
aa3ec0f7203921304247f150584b9695
-
SHA1
e1ef9f09b77d669dbf646a7b9d0a3c96d8ef5437
-
SHA256
ddc3fcf2b02ad4b657e87fcfcc279ee294304823c348814dd6f3e060be620013
-
SHA512
ef1d992c5f84ae3139a6d297f9074b1680ab4fbf46f650b2f3dc722901be645bdf19fc1b900c4d8be1c2f830157d5600605ce9864f874f59cb76c3a6e990675a
-
SSDEEP
196608:rd2ZMaYURyYGnzA2htJf1a29nheQ1Mq8qJN90bf7G/KD9jx3LnfdTF7coC6Y:rdUMaRyYGnftJta29he3qtN902gx3Lly
Score9/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-