General
-
Target
71149c24072f58eccb67c6ed54356adca5287c31fc5fb4edbf94927bb7184eee
-
Size
612KB
-
Sample
230424-sfcxgacf39
-
MD5
74629a68e1d58d7f824ac582de8d960c
-
SHA1
646cc687c335702d7e1309d8cac37ba43e605041
-
SHA256
71149c24072f58eccb67c6ed54356adca5287c31fc5fb4edbf94927bb7184eee
-
SHA512
416ff3e9f7f6aca59eb9b210b985ae9ae5f0bed9276ef0bdedd8698c71dfa937cf0ccb190507ee721c41d23053c651f7bfed5fdb9ad77e3e42fa3816fb38e243
-
SSDEEP
12288:Ey90vnQqgobbHi6W5xpwuvr7E1hnkuBA7SI:EyAQq5HD6KuD4c0I
Malware Config
Targets
-
-
Target
71149c24072f58eccb67c6ed54356adca5287c31fc5fb4edbf94927bb7184eee
-
Size
612KB
-
MD5
74629a68e1d58d7f824ac582de8d960c
-
SHA1
646cc687c335702d7e1309d8cac37ba43e605041
-
SHA256
71149c24072f58eccb67c6ed54356adca5287c31fc5fb4edbf94927bb7184eee
-
SHA512
416ff3e9f7f6aca59eb9b210b985ae9ae5f0bed9276ef0bdedd8698c71dfa937cf0ccb190507ee721c41d23053c651f7bfed5fdb9ad77e3e42fa3816fb38e243
-
SSDEEP
12288:Ey90vnQqgobbHi6W5xpwuvr7E1hnkuBA7SI:EyAQq5HD6KuD4c0I
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Windows security modification
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-