General
-
Target
763225adfc440ff496e5fb3ddfadf95057f1a20b9cd29fbefb2d72b5ab44b3fc
-
Size
221KB
-
Sample
221206-w94ttsff3z
-
MD5
0b8e611a5d9820e5709dabac3728afc0
-
SHA1
af8a4552eb2c1accc38b2c3953b1e9b32f64527a
-
SHA256
763225adfc440ff496e5fb3ddfadf95057f1a20b9cd29fbefb2d72b5ab44b3fc
-
SHA512
c4627ffab3314c3d26a5467f197a8762c91305d1abc1fdd89f8153fa57a0f3f4e88d05c6f7b5211152732bb5da08649912fc564e0513d8d363c543b549040459
-
SSDEEP
6144:w0i0DhlSlqqDLPyO06ODvcDjoG1oPKajg3GqVmnO76kL:w0i0DhlBqnGcDjoGyPKaE3Dd7XL
Malware Config
Targets
-
-
Target
763225adfc440ff496e5fb3ddfadf95057f1a20b9cd29fbefb2d72b5ab44b3fc
-
Size
221KB
-
MD5
0b8e611a5d9820e5709dabac3728afc0
-
SHA1
af8a4552eb2c1accc38b2c3953b1e9b32f64527a
-
SHA256
763225adfc440ff496e5fb3ddfadf95057f1a20b9cd29fbefb2d72b5ab44b3fc
-
SHA512
c4627ffab3314c3d26a5467f197a8762c91305d1abc1fdd89f8153fa57a0f3f4e88d05c6f7b5211152732bb5da08649912fc564e0513d8d363c543b549040459
-
SSDEEP
6144:w0i0DhlSlqqDLPyO06ODvcDjoG1oPKajg3GqVmnO76kL:w0i0DhlBqnGcDjoGyPKaE3Dd7XL
Score8/10-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-