General
-
Target
671b3955cedb36cb9ee90c3dd64db3f0bd970a9e39071b6e098c0ef9393965bf
-
Size
1.6MB
-
Sample
221202-125tdach4s
-
MD5
a1761688fadf0a3f22a99ab34de7efc6
-
SHA1
a2265424a30b0646ce7139ba6cebe48498016eda
-
SHA256
671b3955cedb36cb9ee90c3dd64db3f0bd970a9e39071b6e098c0ef9393965bf
-
SHA512
a75fb350dac6a44c50db0b20dc444848fc01a745bad40f05e1a7b980feab5e768785ce2569a008403b15ae95e0a03eb5881956a8ccee5cc683cf96ce2e35efb7
-
SSDEEP
49152:hkK5IVKw/au2e4FE2UgJlLQ7adasXTYjnbIs:azauKZU1adas0jbZ
Malware Config
Targets
-
-
Target
671b3955cedb36cb9ee90c3dd64db3f0bd970a9e39071b6e098c0ef9393965bf
-
Size
1.6MB
-
MD5
a1761688fadf0a3f22a99ab34de7efc6
-
SHA1
a2265424a30b0646ce7139ba6cebe48498016eda
-
SHA256
671b3955cedb36cb9ee90c3dd64db3f0bd970a9e39071b6e098c0ef9393965bf
-
SHA512
a75fb350dac6a44c50db0b20dc444848fc01a745bad40f05e1a7b980feab5e768785ce2569a008403b15ae95e0a03eb5881956a8ccee5cc683cf96ce2e35efb7
-
SSDEEP
49152:hkK5IVKw/au2e4FE2UgJlLQ7adasXTYjnbIs:azauKZU1adas0jbZ
Score10/10-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks whether UAC is enabled
-