General
-
Target
9213b1e2f391037fbc9e6e69b07c2fd962bbc3d11beff4d07945a2776c8a966f
-
Size
290KB
-
Sample
221203-xm8d6sff67
-
MD5
8add8b6b2270c21c59bcd4aae641a432
-
SHA1
6176052e24ac53e784e493a652034b8b792dc836
-
SHA256
9213b1e2f391037fbc9e6e69b07c2fd962bbc3d11beff4d07945a2776c8a966f
-
SHA512
0286fc08763ff0e1e6f3e44b71947d1e8a5fbd032a929b41914c421528ce9713bffd51d23feb3e1a4315b35f32eaaf09830ffc498f16ef16e96d0d6318eda5db
-
SSDEEP
6144:4/u/NGn9a3Ku42+uBIW0KzkWdoJts8RuSMSZGpJ4ZZsFOs:4/INm9KKuF+uihKz1dVKsrF
Malware Config
Targets
-
-
Target
9213b1e2f391037fbc9e6e69b07c2fd962bbc3d11beff4d07945a2776c8a966f
-
Size
290KB
-
MD5
8add8b6b2270c21c59bcd4aae641a432
-
SHA1
6176052e24ac53e784e493a652034b8b792dc836
-
SHA256
9213b1e2f391037fbc9e6e69b07c2fd962bbc3d11beff4d07945a2776c8a966f
-
SHA512
0286fc08763ff0e1e6f3e44b71947d1e8a5fbd032a929b41914c421528ce9713bffd51d23feb3e1a4315b35f32eaaf09830ffc498f16ef16e96d0d6318eda5db
-
SSDEEP
6144:4/u/NGn9a3Ku42+uBIW0KzkWdoJts8RuSMSZGpJ4ZZsFOs:4/INm9KKuF+uihKz1dVKsrF
Score10/10-
Modifies firewall policy service
-
UAC bypass
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-