General
-
Target
2dc744e64d4b1b9e4dfe408579228b90be28484abb9c59ea326269cb11e315cf
-
Size
1.1MB
-
Sample
230426-ces93agc8s
-
MD5
ad246420edbfa3b201927609651d8cc3
-
SHA1
1837216d45093adc537c8327223b8e806c69c198
-
SHA256
2dc744e64d4b1b9e4dfe408579228b90be28484abb9c59ea326269cb11e315cf
-
SHA512
2d5dc85b80321cde2986031ffcbc7099d86608a0c33690c38b795737ad0157a5b0af4ecaad77544d8730d4972f80423c80a5d43f41280f1c676f5fdeade65120
-
SSDEEP
24576:+y+NTfwOGYi5Md+QyWV1OW4ediXd6Frj8bj/ke:N+NTfw49jygOW4ednrIX
Static task
static1
Malware Config
Targets
-
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-