General
Target: 4fd0be2f1b6c0873f9ec259990f8995fec3a75917c654b5cc26be526d5959741
Size: 1.0MB
Sample: 221223-mn7txsbe4t
MD5: 052b99f0511358c941e75a2556c7b5c3
SHA1: d5f01d0937486cfc293385ee168a59f6a6e37e9e
SHA256: 4fd0be2f1b6c0873f9ec259990f8995fec3a75917c654b5cc26be526d5959741
SHA512: 26313a66a47f27b24891e13a97e0929412e4a883a0bad61a0ad631be9704e142caed7c5ff481e4f317362941cd856d217f133ca9e66bcee67f8018b659aba404
SSDEEP: 24576:mr0j+JwMtpYK0SkmLSxfznmKXDd6obXBjpIK:Q0LKVcbZDBjpIK
Static task: static1
Behavioral task: behavioral1
Sample: 4fd0be2f1b6c0873f9ec259990f8995fec3a75917c654b5cc26be526d5959741.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: 4fd0be2f1b6c0873f9ec259990f8995fec3a75917c654b5cc26be526d5959741
Score: 8/10
Blocklisted process makes network request
Sets DLL path for service in the registry
Sets service image path in registry
Loads dropped DLL
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext