General
- Target: ba2393b75d734ca4a2fe02f87a910adcaa4f495275dbcf4fe3b647fa62810769
- Size: 480KB
- Sample: 230506-gdegqsae3y
- MD5: ed58ff8b71b836d8d40b4caa17ea1a4f
- SHA1: 19fa00bbcaed629355b73b91e8072fc6961c6483
- SHA256: ba2393b75d734ca4a2fe02f87a910adcaa4f495275dbcf4fe3b647fa62810769
- SHA512: 2bf427e2954ddadad5ca5bbd521a2740f5074f5312c962026a6eba013dc678915661d3ed5df8847d4785fa0dc0556261f0dc6f056be66cb55a1c727e28ad54ee
- SSDEEP: 12288:aMrWy90tgdaWj00PrHU7Cg7whxcS2itjk07:YypUWjQmg7q2i+C
Static task
static1
Malware Config
Targets
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.