General
-
Target
MostWantedValo.bat
-
Size
3.2MB
-
Sample
240428-cpv7eaea72
-
MD5
0bef79984a785d284e225d3576239802
-
SHA1
0a759883c5cd8822f269eca241c4dc8c43d86220
-
SHA256
33da2dd5c5ef66be92bc9024f58e5b967746ff2f4b693efe68e98df7da6d4c80
-
SHA512
d5d5aa1e7b3a46af0fd2f94eb5c45c451d3dd3a99debfba1fcda4f704dd3bb54d15fe7d4cda84fa5ca049a81115de73a583aa32da35db862ff6f00799f7700ad
-
SSDEEP
49152:ZTOB4ynYygOvXsMruROZyUpWvWOLZkOReK:1
Malware Config
Targets
-
-
Target
MostWantedValo.bat
-
Size
3.2MB
-
MD5
0bef79984a785d284e225d3576239802
-
SHA1
0a759883c5cd8822f269eca241c4dc8c43d86220
-
SHA256
33da2dd5c5ef66be92bc9024f58e5b967746ff2f4b693efe68e98df7da6d4c80
-
SHA512
d5d5aa1e7b3a46af0fd2f94eb5c45c451d3dd3a99debfba1fcda4f704dd3bb54d15fe7d4cda84fa5ca049a81115de73a583aa32da35db862ff6f00799f7700ad
-
SSDEEP
49152:ZTOB4ynYygOvXsMruROZyUpWvWOLZkOReK:1
Score8/10-
Sets DLL path for service in the registry
-
Stops running service(s)
-
Deletes itself
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Registers COM server for autorun
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1