General
-
Target
2a0cecea01d9589cbcd501d0cec445fd17494f4563a0f6a7f2a00fb95a201c57
-
Size
1.5MB
-
Sample
221127-a5jr7sge53
-
MD5
ed7d87aea580e59df697b7a94c9e37a1
-
SHA1
24be053ab69ff5eae450a96954eb76e952232892
-
SHA256
2a0cecea01d9589cbcd501d0cec445fd17494f4563a0f6a7f2a00fb95a201c57
-
SHA512
ccaa97b1072e3e9ea509c14329b33db2ddccf87e40a49a3dee831b89a5aa9e7e0bb854ff65ebec41f186dfd9840a1945c471043dfec9f021e9d0bfd64d0277e1
-
SSDEEP
24576:+UdfDRueyuivOwaptdEWp4wtk57YRnttGFcq9qWo6+DmaAsRXu7QNli4yu6D2P4V:LfmVvTapcWp42AMRmwWr+6IU4yu6qPyv
Malware Config
Targets
-
-
Target
2a0cecea01d9589cbcd501d0cec445fd17494f4563a0f6a7f2a00fb95a201c57
-
Size
1.5MB
-
MD5
ed7d87aea580e59df697b7a94c9e37a1
-
SHA1
24be053ab69ff5eae450a96954eb76e952232892
-
SHA256
2a0cecea01d9589cbcd501d0cec445fd17494f4563a0f6a7f2a00fb95a201c57
-
SHA512
ccaa97b1072e3e9ea509c14329b33db2ddccf87e40a49a3dee831b89a5aa9e7e0bb854ff65ebec41f186dfd9840a1945c471043dfec9f021e9d0bfd64d0277e1
-
SSDEEP
24576:+UdfDRueyuivOwaptdEWp4wtk57YRnttGFcq9qWo6+DmaAsRXu7QNli4yu6D2P4V:LfmVvTapcWp42AMRmwWr+6IU4yu6qPyv
Score8/10-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-