General
-
Target
90d00f604f9a5531fdcb696e270b6c6ffca81e03903392a20adb6bcb4fd291eb
-
Size
1.1MB
-
Sample
230105-ft47naba24
-
MD5
4d7b1f535d7b5681e514410b3beb1f45
-
SHA1
b92a91cc38eec5ac51e06f2c3f0f062801066c4a
-
SHA256
90d00f604f9a5531fdcb696e270b6c6ffca81e03903392a20adb6bcb4fd291eb
-
SHA512
0c7401b2e54d2ed8775147edffe256e3bfc647ddedc34cdb8dbd250485aba91d304b9a3095c7a0cd30a44650ed7979094b556e886bce9fd804166ac4faa9e868
-
SSDEEP
24576:F2g7O+em1A+9B9Bf9DNt3u6S2zirWadURMUEBoUYL:FveojdXFXzy3UReBop
Static task
static1
Behavioral task
behavioral1
Sample
90d00f604f9a5531fdcb696e270b6c6ffca81e03903392a20adb6bcb4fd291eb.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
90d00f604f9a5531fdcb696e270b6c6ffca81e03903392a20adb6bcb4fd291eb
-
Score
8/10
-
Blocklisted process makes network request
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Loads dropped DLL
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-