General
-
Target
34d0e168c181bc56555cf7534c14fcf0e7d9d85b22863f61ff104db3a69973c2
-
Size
1.1MB
-
Sample
230426-lrfdeaad7t
-
MD5
aabd20e34804da3b8890ab99f9c2cc76
-
SHA1
35a82a8966d872a3c388f351c9d9cfbd6bd429be
-
SHA256
34d0e168c181bc56555cf7534c14fcf0e7d9d85b22863f61ff104db3a69973c2
-
SHA512
0cc8902b93c7fe2fcdcf6aac73476130d355818546ae91ab36e16d4f32d5097b8c3f70615faf6f5f1f08782c14cdaa00ec6a5a4f4bc2c769abfb67dcd9b69c65
-
SSDEEP
24576:Ey6pxW7T1VjAXi1chsferjl0meitF/6/aZG22:TExW73j2iWksjlVzFC/aZG
Static task
static1
Malware Config
Targets
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-