General
-
Target
0e61bab843c019bc2aa11e1bb149956e
-
Size
884KB
-
Sample
231224-ye4xfsehg4
-
MD5
0e61bab843c019bc2aa11e1bb149956e
-
SHA1
73799ae70219e63ff84d607e4afe2008f5079006
-
SHA256
667c9b373bacff8bcee15bb976a18fc0cd9e8533cf1510c03b266e632d5aedec
-
SHA512
c9de79f5a758f006d6fac88fd0ab24cdedbc9b8532ad9c2103ed5617726f1dbab4999d717752f9fa80c730d432d3a4aedf2939b55ae729d9bb4f4892ef0bac31
-
SSDEEP
3072:DNC8MykTy4k8r4eSoP6gu0WW/YlkIP7uxUJJ1+kKCUxUan8wHlxqwOYv51UMbzA+:uCFCArVqu3xSDFnX
Malware Config
Targets
-
-
Target
0e61bab843c019bc2aa11e1bb149956e
-
Size
884KB
-
MD5
0e61bab843c019bc2aa11e1bb149956e
-
SHA1
73799ae70219e63ff84d607e4afe2008f5079006
-
SHA256
667c9b373bacff8bcee15bb976a18fc0cd9e8533cf1510c03b266e632d5aedec
-
SHA512
c9de79f5a758f006d6fac88fd0ab24cdedbc9b8532ad9c2103ed5617726f1dbab4999d717752f9fa80c730d432d3a4aedf2939b55ae729d9bb4f4892ef0bac31
-
SSDEEP
3072:DNC8MykTy4k8r4eSoP6gu0WW/YlkIP7uxUJJ1+kKCUxUan8wHlxqwOYv51UMbzA+:uCFCArVqu3xSDFnX
Score10/10-
Modifies firewall policy service
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1