General
-
Target
705847867544ea845f3c1c2b461e6f388b8a5b106629da5e84f1540d476f12de
-
Size
3.7MB
-
Sample
230206-3xxnbage42
-
MD5
545476f772284a99392efe573f688e63
-
SHA1
54e49117b3d6cb3475d5ca9a0264f596fa6c1d5d
-
SHA256
705847867544ea845f3c1c2b461e6f388b8a5b106629da5e84f1540d476f12de
-
SHA512
5b58830b3d4ad9cf8cd86db52a4057a5582466cc61a5ceaf3bc45c0615702470c6c37c269e6ee1cc48fd37129e3f88adcfd04bf2e074cf042665ef8d98ac1552
-
SSDEEP
98304:Cac2UhcDHuqDw7euNGV6XYa11p8PdwNK/sjy:vvbDH47emX78ues
Malware Config
Targets
-
-
Target
705847867544ea845f3c1c2b461e6f388b8a5b106629da5e84f1540d476f12de
-
Size
3.7MB
-
MD5
545476f772284a99392efe573f688e63
-
SHA1
54e49117b3d6cb3475d5ca9a0264f596fa6c1d5d
-
SHA256
705847867544ea845f3c1c2b461e6f388b8a5b106629da5e84f1540d476f12de
-
SHA512
5b58830b3d4ad9cf8cd86db52a4057a5582466cc61a5ceaf3bc45c0615702470c6c37c269e6ee1cc48fd37129e3f88adcfd04bf2e074cf042665ef8d98ac1552
-
SSDEEP
98304:Cac2UhcDHuqDw7euNGV6XYa11p8PdwNK/sjy:vvbDH47emX78ues
Score8/10-
Blocklisted process makes network request
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-