General
Target: cca0a3cf478390927fca3d3f96c4c4f0.exe
Size: 559KB
Sample: 230422-zqz83sgf97
MD5: cca0a3cf478390927fca3d3f96c4c4f0
SHA1: e407300634fbfe1924ce50ad3b70f91f642381f5
SHA256: ac1f8cadff78a0040afad6ddd10f23e001c2b8a4dab4f6d0a3537d3ce1198240
SHA512: 26afaffdc305616516424e5724c5dfa45342f78f0f26faacaf3aa218682def8866419a5f02b3a3f1962e6a1bf440b8d55af431750f77dda9b8bf7cd9f10be24e
SSDEEP: 12288:sy901D7Z1XlRulcN78k16uSeEcb/EafMc3X:syoR1yly72uSjxKX
Static task: static1
Behavioral task: behavioral1
Sample: cca0a3cf478390927fca3d3f96c4c4f0.exe
Resource: win7-20230220-en
Malware Config
Targets
Target: cca0a3cf478390927fca3d3f96c4c4f0.exe
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.