General
-
Target
d1b3f9f1d24e8e7375366532b988ac2000337649046051a90d3879d08355f626
-
Size
1.5MB
-
Sample
221127-fjgzdaba43
-
MD5
f376db88c41c6ab39ca4b3e295f9a61f
-
SHA1
56453ecfde1177eed45378bce4a88e5eb478907f
-
SHA256
d1b3f9f1d24e8e7375366532b988ac2000337649046051a90d3879d08355f626
-
SHA512
5e2cdc5a3597d2f431e171dcf1e4f3cfd3f46f7c93975ecf14633cfb510e7c4c653bbdd5394436bb0575334664832fdc58dda63d005305ae2a5fdf33c73e754d
-
SSDEEP
24576:IUiSvyWK9bXRd1JlgpfWmvsTTXAbImjrXHxTj+ev5R4M3TQ1+t+gXxzRo3sqW2YN:mSv74bxgp+hTDAdf1DR48Q1WM3sDsng
Malware Config
Targets
-
-
Target
d1b3f9f1d24e8e7375366532b988ac2000337649046051a90d3879d08355f626
-
Size
1.5MB
-
MD5
f376db88c41c6ab39ca4b3e295f9a61f
-
SHA1
56453ecfde1177eed45378bce4a88e5eb478907f
-
SHA256
d1b3f9f1d24e8e7375366532b988ac2000337649046051a90d3879d08355f626
-
SHA512
5e2cdc5a3597d2f431e171dcf1e4f3cfd3f46f7c93975ecf14633cfb510e7c4c653bbdd5394436bb0575334664832fdc58dda63d005305ae2a5fdf33c73e754d
-
SSDEEP
24576:IUiSvyWK9bXRd1JlgpfWmvsTTXAbImjrXHxTj+ev5R4M3TQ1+t+gXxzRo3sqW2YN:mSv74bxgp+hTDAdf1DR48Q1WM3sDsng
Score8/10-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext
-