General
-
Target
2510e5c068e6d5a42ac3795479744e6d45231559bc991286e1c9abf8392b60ff
-
Size
249KB
-
Sample
221202-bwqptsae45
-
MD5
a603393d6e11fafd2a5c67a0c1da8593
-
SHA1
d9c933673bb0ff8e70ea446318cced30a471225c
-
SHA256
2510e5c068e6d5a42ac3795479744e6d45231559bc991286e1c9abf8392b60ff
-
SHA512
4a41816343c82b2204943f7ce88cdde3ee2d27d94096e6d44e8bff2548c1ae15470dcaaa2aa3f3ce9a698eec021f5eb4814603726fe1ea2dea6f360f7bc7dcbf
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5/n/yGrt+u/WKRMYLGOwqMm8:h1OgLdaOCGrt+u/+YLGtm8
Malware Config
Targets
-
-
Target
2510e5c068e6d5a42ac3795479744e6d45231559bc991286e1c9abf8392b60ff
-
Size
249KB
-
MD5
a603393d6e11fafd2a5c67a0c1da8593
-
SHA1
d9c933673bb0ff8e70ea446318cced30a471225c
-
SHA256
2510e5c068e6d5a42ac3795479744e6d45231559bc991286e1c9abf8392b60ff
-
SHA512
4a41816343c82b2204943f7ce88cdde3ee2d27d94096e6d44e8bff2548c1ae15470dcaaa2aa3f3ce9a698eec021f5eb4814603726fe1ea2dea6f360f7bc7dcbf
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5/n/yGrt+u/WKRMYLGOwqMm8:h1OgLdaOCGrt+u/+YLGtm8
Score9/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-