General
-
Target
c4ba030e76f1957f3100a251345eecaeab6449725a5f60f9e118881b0b1017d3
-
Size
2.8MB
-
Sample
221128-nppkeaeh6s
-
MD5
07d12df94ad329cd0ac45eaaf1ae4778
-
SHA1
437b6a50859abb489521a012af36c38adbf10592
-
SHA256
c4ba030e76f1957f3100a251345eecaeab6449725a5f60f9e118881b0b1017d3
-
SHA512
59e5989bd566f6dc461d5510baac02c02b6aa99ee4c0fe92fb8833305ed1d78bf7f17165335e0e2254315e94f20cc7e39cd52a3fff97fd90ce77831491b94a16
-
SSDEEP
49152:gbCjPKNqQNB3f+PNSpO/UfaSovRrpceaLXhVm9amgryw8:ICjPKNW
Malware Config
Targets
-
-
Target
c4ba030e76f1957f3100a251345eecaeab6449725a5f60f9e118881b0b1017d3
-
Size
2.8MB
-
MD5
07d12df94ad329cd0ac45eaaf1ae4778
-
SHA1
437b6a50859abb489521a012af36c38adbf10592
-
SHA256
c4ba030e76f1957f3100a251345eecaeab6449725a5f60f9e118881b0b1017d3
-
SHA512
59e5989bd566f6dc461d5510baac02c02b6aa99ee4c0fe92fb8833305ed1d78bf7f17165335e0e2254315e94f20cc7e39cd52a3fff97fd90ce77831491b94a16
-
SSDEEP
49152:gbCjPKNqQNB3f+PNSpO/UfaSovRrpceaLXhVm9amgryw8:ICjPKNW
Score8/10-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Checks for any installed AV software in registry
-
Suspicious use of SetThreadContext
-