General
-
Target
15940963f5cd71e4a9f686a383211663cc501ffe34ffd9582c1300af4d56b351
-
Size
194KB
-
Sample
221128-fdzx1afe24
-
MD5
33149556181719096a9870e2897ad643
-
SHA1
5595d547b618d4908504fc27acf13e8241f69965
-
SHA256
15940963f5cd71e4a9f686a383211663cc501ffe34ffd9582c1300af4d56b351
-
SHA512
0112397627dbd2065fbff3d2645129319aa146cc3d4d177ca42cf001afde9862e0952033997d95a278959fe8cc300ada9563ae6873c64dfa351fa369855919bf
-
SSDEEP
3072:Uv5ChRQUknU7TfNMXgSrayXVE9y4qQDHg2EPkoTrEsjHZvQ3hl43vpMvxGWqB2cK:dh6zU7T1DylEtDAvPJTrF5vQ37IM
Malware Config
Targets
-
-
Target
15940963f5cd71e4a9f686a383211663cc501ffe34ffd9582c1300af4d56b351
-
Size
194KB
-
MD5
33149556181719096a9870e2897ad643
-
SHA1
5595d547b618d4908504fc27acf13e8241f69965
-
SHA256
15940963f5cd71e4a9f686a383211663cc501ffe34ffd9582c1300af4d56b351
-
SHA512
0112397627dbd2065fbff3d2645129319aa146cc3d4d177ca42cf001afde9862e0952033997d95a278959fe8cc300ada9563ae6873c64dfa351fa369855919bf
-
SSDEEP
3072:Uv5ChRQUknU7TfNMXgSrayXVE9y4qQDHg2EPkoTrEsjHZvQ3hl43vpMvxGWqB2cK:dh6zU7T1DylEtDAvPJTrF5vQ37IM
Score8/10-
Blocklisted process makes network request
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-