General
-
Target
c1edb58490c1f76013cf5c709a4eff08050fe0bac41939785009bdb693be0468
-
Size
938KB
-
Sample
230224-2gvncaba6t
-
MD5
923a5ca3ef3ddec2506d0bffbae51930
-
SHA1
b616b545db7cdef13318fa82a54ba8ad1878ec62
-
SHA256
c1edb58490c1f76013cf5c709a4eff08050fe0bac41939785009bdb693be0468
-
SHA512
20d779185d9d151eec4a61f7c73f6de4b8c1b611d99f4f0a77338dfb74a6f73f370fc50f2414df3e21cd12e113fc68025b22cf80f609e0a8ea15fcc5309a4f3f
-
SSDEEP
24576:6Ex45zxI+snI9LdylLNYvUVRIOkni05CQ:WzxIXnI9LdylZYv0jki
Malware Config
Targets
-
-
Target
c1edb58490c1f76013cf5c709a4eff08050fe0bac41939785009bdb693be0468
-
Size
938KB
-
MD5
923a5ca3ef3ddec2506d0bffbae51930
-
SHA1
b616b545db7cdef13318fa82a54ba8ad1878ec62
-
SHA256
c1edb58490c1f76013cf5c709a4eff08050fe0bac41939785009bdb693be0468
-
SHA512
20d779185d9d151eec4a61f7c73f6de4b8c1b611d99f4f0a77338dfb74a6f73f370fc50f2414df3e21cd12e113fc68025b22cf80f609e0a8ea15fcc5309a4f3f
-
SSDEEP
24576:6Ex45zxI+snI9LdylLNYvUVRIOkni05CQ:WzxIXnI9LdylZYv0jki
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
UAC bypass
-
Disables taskbar notifications via registry modification
-
Possible privilege escalation attempt
-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
Deletes itself
-
Executes dropped EXE
-
Modifies file permissions
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
MITRE ATT&CK Matrix ATT&CK v6
Persistence
Hidden Files and Directories
4Change Default File Association
1Registry Run Keys / Startup Folder
1Defense Evasion
Hidden Files and Directories
4Modify Registry
10Bypass User Account Control
1Disabling Security Tools
1File Permissions Modification
1