General
-
Target
0f24f813cbdc162ef39b6c6b77e8cebe
-
Size
400KB
-
Sample
231230-fh1p4aghfp
-
MD5
0f24f813cbdc162ef39b6c6b77e8cebe
-
SHA1
75b801575f255faee42bf588c7480cd692d159e5
-
SHA256
1b4202988b0f690f67d8dc1bed190b15d6c5450bc50a61b7f583349d5c638fd8
-
SHA512
c5ff2baba6cbae015a76c7fd7afd4267d943699ac23f83501ec924b3457ef1462132bbb8c72ccdb709f610688f94d17911011bbeb3c766bd3071a1226aeb1882
-
SSDEEP
12288:i7gS5hvyqz7kUw09oaeWnUXIDsSk9EePAC:i7gS5pycw09oae/XIDVb8AC
Malware Config
Targets
-
-
Target
0f24f813cbdc162ef39b6c6b77e8cebe
-
Size
400KB
-
MD5
0f24f813cbdc162ef39b6c6b77e8cebe
-
SHA1
75b801575f255faee42bf588c7480cd692d159e5
-
SHA256
1b4202988b0f690f67d8dc1bed190b15d6c5450bc50a61b7f583349d5c638fd8
-
SHA512
c5ff2baba6cbae015a76c7fd7afd4267d943699ac23f83501ec924b3457ef1462132bbb8c72ccdb709f610688f94d17911011bbeb3c766bd3071a1226aeb1882
-
SSDEEP
12288:i7gS5hvyqz7kUw09oaeWnUXIDsSk9EePAC:i7gS5pycw09oae/XIDVb8AC
Score7/10-
Drops startup file
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-