General
-
Target
cc416e61ab8266fb5d02795b8fbfdc2dff7c5acc6313c233f7fe4d3b39882b63
-
Size
563KB
-
Sample
230423-zaq1gafg22
-
MD5
779148436f637e829165f3417d7f9a01
-
SHA1
f13a9ae4a0a24353e478e084018a6805ce236f99
-
SHA256
cc416e61ab8266fb5d02795b8fbfdc2dff7c5acc6313c233f7fe4d3b39882b63
-
SHA512
098d814c7edbc0a1e823631ae51d9c6fa687bc030dec528600e8e304b75b22a16ee365291e777ad71f47f79a8e43cd0eee0546aade31a6ab100bef3d99b4f2a9
-
SSDEEP
12288:Ey90jlQtR+wK+FecBrzDI16JhYH2ENCeiMKLMMiOsyN:EyZtRxF9RDIUb+28IMKYMkyN
Static task
static1
Malware Config
Targets
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-