General
-
Target
1cc71ef6969c64245fa7a1c7d66447f837c457f151f5b24b4bf35b1b0c2c7ab5
-
Size
938KB
-
Sample
230418-w361lsfa6w
-
MD5
07b44ece8009a315545a2a56854d1d86
-
SHA1
c6fb77651b69e2d4a9ae4e02c872b4f630fbfbe5
-
SHA256
1cc71ef6969c64245fa7a1c7d66447f837c457f151f5b24b4bf35b1b0c2c7ab5
-
SHA512
069f66a824fb62949764b278601cecbe4c853dc9c383f306642b52b53831ccf5219edc2dee66c9f5d62c0e9e27fd87b6a703ed96e2fa2e773c12882a05f823da
-
SSDEEP
12288:+y903cS2dmzM1gZY9kEqWW9ltVYHSaS5TLmxb+K2APDX6l5ll0NYISKeiesUL0ZW:+y0FjTY5qj1UULab97e07is80rk
Malware Config
Targets
-
-
Target
1cc71ef6969c64245fa7a1c7d66447f837c457f151f5b24b4bf35b1b0c2c7ab5
-
Size
938KB
-
MD5
07b44ece8009a315545a2a56854d1d86
-
SHA1
c6fb77651b69e2d4a9ae4e02c872b4f630fbfbe5
-
SHA256
1cc71ef6969c64245fa7a1c7d66447f837c457f151f5b24b4bf35b1b0c2c7ab5
-
SHA512
069f66a824fb62949764b278601cecbe4c853dc9c383f306642b52b53831ccf5219edc2dee66c9f5d62c0e9e27fd87b6a703ed96e2fa2e773c12882a05f823da
-
SSDEEP
12288:+y903cS2dmzM1gZY9kEqWW9ltVYHSaS5TLmxb+K2APDX6l5ll0NYISKeiesUL0ZW:+y0FjTY5qj1UULab97e07is80rk
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Windows security modification
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-