General
-
Target
c0d38766a6fedaed61c631edcdb0f5922b0f3d7b4dc7365311d988b546d75723
-
Size
1.1MB
-
Sample
230425-wl6zaacb44
-
MD5
77f47eec4f94f310a456a609baa92060
-
SHA1
1a4323cc63e239fe24aa5b15d3c13c571d6c2a79
-
SHA256
c0d38766a6fedaed61c631edcdb0f5922b0f3d7b4dc7365311d988b546d75723
-
SHA512
2ef23987c5337fe9f68f1955c8772753179bc7d5051ea9424294e4d10df44a7512a6d6c652392171746af8cdc29d7ed1ccbc33328766649a4501b3012d64ca7b
-
SSDEEP
24576:lyk26+Df1DI5yOYmHjye0EUBklrdU/dbs:AB6+7y5yOfHjyfEUuM/J
Malware Config
Targets
-
-
Target
c0d38766a6fedaed61c631edcdb0f5922b0f3d7b4dc7365311d988b546d75723
-
Size
1.1MB
-
MD5
77f47eec4f94f310a456a609baa92060
-
SHA1
1a4323cc63e239fe24aa5b15d3c13c571d6c2a79
-
SHA256
c0d38766a6fedaed61c631edcdb0f5922b0f3d7b4dc7365311d988b546d75723
-
SHA512
2ef23987c5337fe9f68f1955c8772753179bc7d5051ea9424294e4d10df44a7512a6d6c652392171746af8cdc29d7ed1ccbc33328766649a4501b3012d64ca7b
-
SSDEEP
24576:lyk26+Df1DI5yOYmHjye0EUBklrdU/dbs:AB6+7y5yOfHjyfEUuM/J
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Windows security modification
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-