General
-
Target
91e37b9d2ad38ef66529c774646eac48801bb739a69aa8238c61b4e12b314d97
-
Size
306KB
-
Sample
240722-rmw39asfpq
-
MD5
f1ac8a74c71a08a9df397de15e157e4a
-
SHA1
971cd2ac5eae7ccd641dcebea30db2c9ef34f60d
-
SHA256
91e37b9d2ad38ef66529c774646eac48801bb739a69aa8238c61b4e12b314d97
-
SHA512
5b511dcd7774161f18d6f0c4a50dac3e1db452d449a7d0e22f8c6b791ea5fadb29a66f75684de48a967273691c9739edecb4d7022a5e5dcedba5666b948bf453
-
SSDEEP
3072:eFfZQioJK/KOwVm0SWmuKEUyHKpwhSjQaJ90IkGR68obMs7mTjNeYYfQ3LOot9Ge:mEObiZKDAX0jH0o2zq9DmQ3LOotL4gr
Malware Config
Targets
-
-
Target
91e37b9d2ad38ef66529c774646eac48801bb739a69aa8238c61b4e12b314d97
-
Size
306KB
-
MD5
f1ac8a74c71a08a9df397de15e157e4a
-
SHA1
971cd2ac5eae7ccd641dcebea30db2c9ef34f60d
-
SHA256
91e37b9d2ad38ef66529c774646eac48801bb739a69aa8238c61b4e12b314d97
-
SHA512
5b511dcd7774161f18d6f0c4a50dac3e1db452d449a7d0e22f8c6b791ea5fadb29a66f75684de48a967273691c9739edecb4d7022a5e5dcedba5666b948bf453
-
SSDEEP
3072:eFfZQioJK/KOwVm0SWmuKEUyHKpwhSjQaJ90IkGR68obMs7mTjNeYYfQ3LOot9Ge:mEObiZKDAX0jH0o2zq9DmQ3LOotL4gr
Score7/10-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-