General
-
Target
25222b6e10be1767ec284622dd6b2f167524d04b5c953f0627c0aab17345c826
-
Size
747KB
-
Sample
230425-alhqssfd66
-
MD5
5c836bfb0aa7100d3af44941878d7f04
-
SHA1
4f05e5862608991c6d3de7a3ff2a3d2d2542bc02
-
SHA256
25222b6e10be1767ec284622dd6b2f167524d04b5c953f0627c0aab17345c826
-
SHA512
c26671c6f7a63b4ab33f4393139df3d37a13492862623b28d0150308183c9c41302480a5d7c6ec2763feb35092946af23d48e45c6e37a87d339dd292239e61fa
-
SSDEEP
12288:Xy90k3NibOTJ1rcJKEe/FuxRFDGpC/vDZv2sJlZ4dNPORlF00iU:XyxgbOTvcJw/F0jGAVv26KNPolFd
Malware Config
Targets
-
-
Target
25222b6e10be1767ec284622dd6b2f167524d04b5c953f0627c0aab17345c826
-
Size
747KB
-
MD5
5c836bfb0aa7100d3af44941878d7f04
-
SHA1
4f05e5862608991c6d3de7a3ff2a3d2d2542bc02
-
SHA256
25222b6e10be1767ec284622dd6b2f167524d04b5c953f0627c0aab17345c826
-
SHA512
c26671c6f7a63b4ab33f4393139df3d37a13492862623b28d0150308183c9c41302480a5d7c6ec2763feb35092946af23d48e45c6e37a87d339dd292239e61fa
-
SSDEEP
12288:Xy90k3NibOTJ1rcJKEe/FuxRFDGpC/vDZv2sJlZ4dNPORlF00iU:XyxgbOTvcJw/F0jGAVv26KNPolFd
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Windows security modification
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-