General
-
Target
7bcd4ec18fc4a56db30e0aaebd44e2988f98f7b5d8c14f6689f650b4f11e16c0
-
Size
219KB
-
Sample
240410-paw7daab9s
-
MD5
6c10466ad7c153e7f949fa3c6600b6ac
-
SHA1
5d009f79383a81622eefd8b183efb23fbf96a62f
-
SHA256
7bcd4ec18fc4a56db30e0aaebd44e2988f98f7b5d8c14f6689f650b4f11e16c0
-
SHA512
54a7565a2ce2030b4b865835e13e2de6b7b5bb8f171e7d9db28c3fd1de8d98b7072f50effeb5d15a6ca66a2ff309cbe9b7732154f4a2855ad20c79803f0df33e
-
SSDEEP
6144:pjU6yx1p7lvER8SPD/xzL0ruSSbAOfyVM:Ju1pZvPuDF0ruSSbkVM
Malware Config
Targets
-
-
Target
7bcd4ec18fc4a56db30e0aaebd44e2988f98f7b5d8c14f6689f650b4f11e16c0
-
Size
219KB
-
MD5
6c10466ad7c153e7f949fa3c6600b6ac
-
SHA1
5d009f79383a81622eefd8b183efb23fbf96a62f
-
SHA256
7bcd4ec18fc4a56db30e0aaebd44e2988f98f7b5d8c14f6689f650b4f11e16c0
-
SHA512
54a7565a2ce2030b4b865835e13e2de6b7b5bb8f171e7d9db28c3fd1de8d98b7072f50effeb5d15a6ca66a2ff309cbe9b7732154f4a2855ad20c79803f0df33e
-
SSDEEP
6144:pjU6yx1p7lvER8SPD/xzL0ruSSbAOfyVM:Ju1pZvPuDF0ruSSbkVM
Score8/10-
Drops file in Drivers directory
-
Manipulates Digital Signatures
Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-