General
-
Target
d19398603b7530a61656d2150717581dc492573e57d951aba483050469f252ef
-
Size
562KB
-
Sample
230424-dw17nshe64
-
MD5
2db294bb622eaaa284eac12bfbbd44cb
-
SHA1
41758961830ed7f6677616416bef81324edfc80a
-
SHA256
d19398603b7530a61656d2150717581dc492573e57d951aba483050469f252ef
-
SHA512
de0dd3e0a795e5ec88f4de5f34665741b327e03237e074a46ce71ed2c5a9c25b50e9f2a240c8a710bbfdc505a07a25f2c1e161f9d1b3576fe380d0d86f381584
-
SSDEEP
12288:ry90iZpOzNlfTh83A1pRgTMDPotII37hmN+rDo5Sp:ryBZpovfIamwDwthg54
Static task
static1
Malware Config
Targets
-
Target
d19398603b7530a61656d2150717581dc492573e57d951aba483050469f252ef
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-