General
-
Target
08dbd07eeea678e5d8b6447dd02b2eeffdcd380ef5318de1297843effc0d21da
-
Size
690KB
-
Sample
230426-yr7h4sbe97
-
MD5
bb802f57d882609f0907d1abd60debee
-
SHA1
55d4292475ec53fc83059a60c999d3b397e6c616
-
SHA256
08dbd07eeea678e5d8b6447dd02b2eeffdcd380ef5318de1297843effc0d21da
-
SHA512
8dd5a69caa943cadc963eef044edbeeefbf6fc260b74f033e709e631c22ccf3c03c10dec873fe99a8948bd21b7c18e03f5c55039ba1d870f9c196a81cdb16479
-
SSDEEP
12288:my90B6YKHyttqhkfRkiC8aLE35hZ/2GqniNDm6V92v3lpRD:myG6YKKqhGRorKZbNJ96lpRD
Static task
static1
Malware Config
Targets
-
Target
08dbd07eeea678e5d8b6447dd02b2eeffdcd380ef5318de1297843effc0d21da
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.