General
-
Target
1ad38c2babf75970b97689f2eadf28e1a8b4af195173b63bbff41c65c83ffd0b
-
Size
746KB
-
Sample
230425-drqkdahh9s
-
MD5
8f81fffd1c822aa41cc04df4c0d50bd3
-
SHA1
2adcea4369898c3c5cdc30cf62b2a0995d130f61
-
SHA256
1ad38c2babf75970b97689f2eadf28e1a8b4af195173b63bbff41c65c83ffd0b
-
SHA512
a309b6dcf650e63817693784c657989c7bb7c4496b39235be7202cc3bd486c751ef3d9aa9cb3f0d9d2d56aa4a64bfaa7fc18ece97c61fac2450fc887ac34ee7c
-
SSDEEP
12288:5y90c5Gv8cslHsj/VUh03m6T8wCl7TP4WRU3888Stf9ZQBtG5n+/VCXcGq1vL:5yxcslMjVUm3m64l7TgWO888ewG5+/sY
Static task
static1
Malware Config
Targets
-
Target
1ad38c2babf75970b97689f2eadf28e1a8b4af195173b63bbff41c65c83ffd0b
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-