General
-
Target
RDM_Root_Cert_Update_Windows 1.zip
-
Size
3.1MB
-
Sample
240722-sjp17stemg
-
MD5
4712c264c63cda22c8ba1bc7d2e202bc
-
SHA1
05460a4ba8fc1515ff858584c83955855d6446a6
-
SHA256
2d46ff3cbac2b089b1382dd24565e68bfdac0f627231dab1b6552a1b3c2b4132
-
SHA512
cdcdb0f67e5688416c65a6048b10fad2c4644251c7357b35f920764505a89e18541886848ab688f7ebc4c1e6f919c7d2ea78ac08b655f456f0351b09dac7409c
-
SSDEEP
49152:BHJsIDZXBydHxfdhF28W+hNNWcw6P9SZp6v8I7qZknEQMOsKoXS0vE3RLGZ8F/Yu:9J73ya+Ecw6Pg1k2QMxKoiOZ6QNk
Malware Config
Targets
-
-
Target
RDM_Root_Cert_Update_Windows.exe
-
Size
3.7MB
-
MD5
d4b2995d38da119e5b0db2cb90778224
-
SHA1
2570198aafaf5d6f394ffd6e7e741c2316510ee0
-
SHA256
05a6215fbf82c755b73dcfa297f229bf5b88c879b4a7a2edf680ebd97a4580ad
-
SHA512
a611e1fbd0b9997e395f1b829e4b08f833cf5d70e9e846c7eb81d8faeef9fee4af11fc43f4f47776692595ed880eda6b7fd68210cc381984fb70ccf75d680366
-
SSDEEP
98304:uSiKiNyE3pWHFowVGfO1xW8zjoix6b8/CEqvV0CAe:/KyE5WHFowQsxVwzE/cH
Score8/10-
Manipulates Digital Signatures
Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-