General
-
Target
46e6e163e3bc57ea482de4c30f4c74df76507b7dde9db089802bf28107be0410
-
Size
566KB
-
Sample
230423-ls2yssec4w
-
MD5
4ab7a6452e1f696820d332abc96f09a2
-
SHA1
62f41a35c831eefd2a3400606c63c6eb8b07c2b2
-
SHA256
46e6e163e3bc57ea482de4c30f4c74df76507b7dde9db089802bf28107be0410
-
SHA512
f62762995f597531dceea7ca6abacb881b680fc5a82ea8fc9fd2aa0a1a03e0fd772c1ab8b917249adf7db1cfc2c0769d6cda9620b4a6f555a301d7e44246d1f5
-
SSDEEP
12288:xy90CkFVjZDjw9nRiRLKs+oY6m1XteBXwbaW:xycVjxanRiRLj+oY60X0JeaW
Static task
static1
Malware Config
Targets
-
-
Target
46e6e163e3bc57ea482de4c30f4c74df76507b7dde9db089802bf28107be0410
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-