General
-
Target
f8160611aa11d3c6053bde574447d26e97263363e0e8bc19768a63357ad4c758
-
Size
2.5MB
-
Sample
221204-jfnvasdb2t
-
MD5
2a73ba8f4c81c5b84e14bb47398ead7d
-
SHA1
9e1ff4982c2e4561831ee0c0f54fc5f41d393c8c
-
SHA256
f8160611aa11d3c6053bde574447d26e97263363e0e8bc19768a63357ad4c758
-
SHA512
914db18cb57f57990e2048f643e0fdfb22fc55fb3a691ab86568552fe6edfa1430c6c5024d7ff7192c3eacf49a1044f09c809be061e159aca284ff3333e76955
-
SSDEEP
49152:1KNZEMvH3EhrSfioXGqg/2Af35m/o9Tr:G9P06zXTg/2iJmk
Malware Config
Targets
-
-
Target
f8160611aa11d3c6053bde574447d26e97263363e0e8bc19768a63357ad4c758
-
Size
2.5MB
-
MD5
2a73ba8f4c81c5b84e14bb47398ead7d
-
SHA1
9e1ff4982c2e4561831ee0c0f54fc5f41d393c8c
-
SHA256
f8160611aa11d3c6053bde574447d26e97263363e0e8bc19768a63357ad4c758
-
SHA512
914db18cb57f57990e2048f643e0fdfb22fc55fb3a691ab86568552fe6edfa1430c6c5024d7ff7192c3eacf49a1044f09c809be061e159aca284ff3333e76955
-
SSDEEP
49152:1KNZEMvH3EhrSfioXGqg/2Af35m/o9Tr:G9P06zXTg/2iJmk
Score10/10-
UAC bypass
-
Drops file in Drivers directory
-
Sets file execution options in registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-