General
-
Target
a26dc029cbda5105a0cb0a4a21b0f0001e6b1d957c5b5f8196cf01ea7b039d15
-
Size
236KB
-
Sample
231031-ff1bjsaf59
-
MD5
2ac98d74492e506d076da99f517c3146
-
SHA1
b3defe4a357cd20b5b9b8ecc66bea5fac064a256
-
SHA256
a26dc029cbda5105a0cb0a4a21b0f0001e6b1d957c5b5f8196cf01ea7b039d15
-
SHA512
04369f256f91ce710c057482d0c228847a149022b98774d529d9fb84e976a25719e8061cb47f97a5da1b198c70ce4767b4330c8ea77ef4c4ee980cc31913f7a7
-
SSDEEP
3072:aAXb5Dl3ES2MP1vZprNooACC7cs8fOQuWaq7YuUgR:7bNl3EHMPFZtaoAZ7cjfO+QZ
Static task
static1
Behavioral task
behavioral1
Sample
a26dc029cbda5105a0cb0a4a21b0f0001e6b1d957c5b5f8196cf01ea7b039d15.exe
Resource
win7-20231020-en
Malware Config
Targets
-
Downloads MZ/PE file
-
Deletes itself
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-