General
-
Target
a117efea2559dbdb1dc9ecacdf936281
-
Size
815KB
-
Sample
240224-ghjl9abh91
-
MD5
a117efea2559dbdb1dc9ecacdf936281
-
SHA1
d95a0e68229564bb0f147fd5a8512860869960ae
-
SHA256
26a23a31e8f9e7b114ce786a15999794dece64b306b992b50552aa779e1e0ea0
-
SHA512
5c0bc5c876a7edbf49634b13a64bf5fc16ef99fbd8374c69efbc48b8243c7242ec0549b710330255a07fa7eecf09ff30362e527607ecb99cd5c18f0165a548f0
-
SSDEEP
12288:9KhGeOqZZTn63FSXyAi5STMrofVKkf+W664CXr42yHJyhcivB+BLzx9nmYTISBMR:crhbAFKwWf93Gvmba/PTISC+x+
Malware Config
Targets
-
-
Target
a117efea2559dbdb1dc9ecacdf936281
-
Size
815KB
-
MD5
a117efea2559dbdb1dc9ecacdf936281
-
SHA1
d95a0e68229564bb0f147fd5a8512860869960ae
-
SHA256
26a23a31e8f9e7b114ce786a15999794dece64b306b992b50552aa779e1e0ea0
-
SHA512
5c0bc5c876a7edbf49634b13a64bf5fc16ef99fbd8374c69efbc48b8243c7242ec0549b710330255a07fa7eecf09ff30362e527607ecb99cd5c18f0165a548f0
-
SSDEEP
12288:9KhGeOqZZTn63FSXyAi5STMrofVKkf+W664CXr42yHJyhcivB+BLzx9nmYTISBMR:crhbAFKwWf93Gvmba/PTISC+x+
Score7/10-
Reads WinSCP keys stored on the system
Tries to access WinSCP stored sessions.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-