Extracted

• • Target

    be993277e71fd91453651b5960088c71cc430ff6750b8c73b56586d5203921a8

  • Size

    214KB

  • MD5

    25364a4e054cbfe90968028b3de3dba0

  • SHA1

    8379182160adba00c2c84cc7c92146a54e1ceef9

  • SHA256

    be993277e71fd91453651b5960088c71cc430ff6750b8c73b56586d5203921a8

  • SHA512

    d24f8e0d7b01a0dd453fd51ebafd0b6cd1ac02e61b9019d19ce99b8757f3361850297aab4ec54b0190764b27d861e0e81a393b03067d5caf5b00dbe112ca071b

  • SSDEEP

    3072:ZSDuGtVVkJpJpkmMZSlYOUxALuiWGjolObzUtwp34d:2wJpJNYOUxku1GzzU24d

  Score

  10^/10

  evasionpersistencespywarestealertrojan

  • UAC bypass

    evasiontrojan

  • Disables RegEdit via registry modification

    evasion

  • Disables Task Manager via registry modification

    evasion

  • Drops file in Drivers directory

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Adds Run key to start application

    persistence

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2