General
-
Target
db35f25e0beb2b37791781890a31851b6e7d419222ccc6c604c7ee182d5fb86a
-
Size
695KB
-
Sample
230426-msghjaaf6t
-
MD5
056a186a5454fe10bffadb7720ac7802
-
SHA1
bab51dc762bbacb5dde20554695487dccf9d7331
-
SHA256
db35f25e0beb2b37791781890a31851b6e7d419222ccc6c604c7ee182d5fb86a
-
SHA512
c430d02526b287a2660af435e46eca58861c34ce858392bdbb9638bcd0729d28260703931b7873f04f50bc766506444be904bc43def6fbdc01873763d6c50497
-
SSDEEP
12288:Ay90hMphpjpdUkqDGaIoaW6frM5QSZRhuRHR0iD6e7ChC6dI7:Ayzv7dUkyGaIoqfg5xjcOde7Chvi
Static task
static1
Malware Config
Targets
-
-
Target
db35f25e0beb2b37791781890a31851b6e7d419222ccc6c604c7ee182d5fb86a
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-