General
-
Target
1150d293e218270617975a6473294c1f2c6beef850e2e070532388f0ca794e67
-
Size
694KB
-
Sample
230421-2ltxlsae73
-
MD5
d8abb0660d393fdfeacc466d46828822
-
SHA1
f355639c3f5bcd9c824e7e1c70ddea0281f0f502
-
SHA256
1150d293e218270617975a6473294c1f2c6beef850e2e070532388f0ca794e67
-
SHA512
d2f920c1b45d7a53d79313fbd13f2d031ff75824840f56d6b26a4384492a6b59577339d189240d8e7356edafd4cc5a9fada2bf9eef07ea07a4b8131ff13b1a74
-
SSDEEP
12288:Ty90fzbM8oGvSUWvzdEORMduSBGC2fB8F+JpceBLQABIRCSb:TyGLoGvSUW0RBB2pa+JpBBLHBSCSb
Malware Config
Targets
-
-
Target
1150d293e218270617975a6473294c1f2c6beef850e2e070532388f0ca794e67
-
Size
694KB
-
MD5
d8abb0660d393fdfeacc466d46828822
-
SHA1
f355639c3f5bcd9c824e7e1c70ddea0281f0f502
-
SHA256
1150d293e218270617975a6473294c1f2c6beef850e2e070532388f0ca794e67
-
SHA512
d2f920c1b45d7a53d79313fbd13f2d031ff75824840f56d6b26a4384492a6b59577339d189240d8e7356edafd4cc5a9fada2bf9eef07ea07a4b8131ff13b1a74
-
SSDEEP
12288:Ty90fzbM8oGvSUWvzdEORMduSBGC2fB8F+JpceBLQABIRCSb:TyGLoGvSUW0RBB2pa+JpBBLHBSCSb
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Windows security modification
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-