General
-
Target
10403fbb929ac5c352c5542fe4da82438a48c1bfeb034f12c794c063dded227b
-
Size
747KB
-
Sample
230424-zl8dwsgc4z
-
MD5
534b48e6b10322870a892162cf33b6ef
-
SHA1
770e2d351430f0fbecc947015e32e72731e7b0dd
-
SHA256
10403fbb929ac5c352c5542fe4da82438a48c1bfeb034f12c794c063dded227b
-
SHA512
ea9c1c51fd4d19b7e6772206aabf29d92e6a243e18912e7920d40a14e843c9d80e41092e2c5c8ad28c881a17ef42e91828f909fd77209774c227b61eb03f60d5
-
SSDEEP
12288:Ky90G70Iwzv6Z2Fdz0L0GY5BXa8uY9C9r8dcffYvbn4T5B17JbY4wB2lTJdD:KyW7v6Od04p5nr9+rMcovkT5TFbYZcTb
Malware Config
Targets
-
-
Target
10403fbb929ac5c352c5542fe4da82438a48c1bfeb034f12c794c063dded227b
-
Size
747KB
-
MD5
534b48e6b10322870a892162cf33b6ef
-
SHA1
770e2d351430f0fbecc947015e32e72731e7b0dd
-
SHA256
10403fbb929ac5c352c5542fe4da82438a48c1bfeb034f12c794c063dded227b
-
SHA512
ea9c1c51fd4d19b7e6772206aabf29d92e6a243e18912e7920d40a14e843c9d80e41092e2c5c8ad28c881a17ef42e91828f909fd77209774c227b61eb03f60d5
-
SSDEEP
12288:Ky90G70Iwzv6Z2Fdz0L0GY5BXa8uY9C9r8dcffYvbn4T5B17JbY4wB2lTJdD:KyW7v6Od04p5nr9+rMcovkT5TFbYZcTb
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Windows security modification
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-