General
-
Target
5362437edc5e594ff95dd72d19775d78
-
Size
60KB
-
Sample
240111-nhkmwafeg7
-
MD5
5362437edc5e594ff95dd72d19775d78
-
SHA1
fc409cd45f002a1e5db098bc4685f083974186f3
-
SHA256
0679bf8b32d4bafb057030e3b1614e9a8603697b2abe097732806f41b426e41c
-
SHA512
a1daf8501b3cb2aea96e2af3dfaf92c37bb8c00355d1475f269089a4ca4d6bdf5c552b314f64d1e816b962782cf49e8d05e953a330c090e1a374957a337117b3
-
SSDEEP
1536:pmaYzMXqtGNttyR92eqVorW0/Bm83EJDsDMds8+VH+U:pmaY46tGNttyX/qVoZ/BPE1JyX
Malware Config
Targets
-
-
Target
5362437edc5e594ff95dd72d19775d78
-
Size
60KB
-
MD5
5362437edc5e594ff95dd72d19775d78
-
SHA1
fc409cd45f002a1e5db098bc4685f083974186f3
-
SHA256
0679bf8b32d4bafb057030e3b1614e9a8603697b2abe097732806f41b426e41c
-
SHA512
a1daf8501b3cb2aea96e2af3dfaf92c37bb8c00355d1475f269089a4ca4d6bdf5c552b314f64d1e816b962782cf49e8d05e953a330c090e1a374957a337117b3
-
SSDEEP
1536:pmaYzMXqtGNttyR92eqVorW0/Bm83EJDsDMds8+VH+U:pmaY46tGNttyX/qVoZ/BPE1JyX
Score8/10-
Drops file in Drivers directory
-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-