General
-
Target
OP Password Guesser get fucked LOL.exe
-
Size
7.3MB
-
Sample
230419-qczkysce4s
-
MD5
4c17df4151cdd2add3ffd2e4a8a633bb
-
SHA1
9f4c7cc9a92ee4e0492eb3805934939473745b7c
-
SHA256
f460049d665a96f2ca9b5c2a75239654142cd17a3009f022a411285f50d1304b
-
SHA512
ad040c29fe70dc203aa6e609c04560a193316ac96f880642392ca504ae91118d565dbcbeb721b7ec1fd99fb99e9ae6c084bb03d9a8630330a2a8e458842dfb32
-
SSDEEP
196608:0TYzih8FwjdaeNWFJMIDJRZgsAGKlRugFaZy7:6YzLF8WFqyLgsSu6n
Malware Config
Targets
-
-
Target
OP Password Guesser get fucked LOL.exe
-
Size
7.3MB
-
MD5
4c17df4151cdd2add3ffd2e4a8a633bb
-
SHA1
9f4c7cc9a92ee4e0492eb3805934939473745b7c
-
SHA256
f460049d665a96f2ca9b5c2a75239654142cd17a3009f022a411285f50d1304b
-
SHA512
ad040c29fe70dc203aa6e609c04560a193316ac96f880642392ca504ae91118d565dbcbeb721b7ec1fd99fb99e9ae6c084bb03d9a8630330a2a8e458842dfb32
-
SSDEEP
196608:0TYzih8FwjdaeNWFJMIDJRZgsAGKlRugFaZy7:6YzLF8WFqyLgsSu6n
Score9/10-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-