General
-
Target
DuoHacker.exe
-
Size
65.5MB
-
Sample
240904-2smrwaygrf
-
MD5
73006016dedea6cb910b4e65f9e4ff4d
-
SHA1
b3f6ea9db6febb855971df3071ca06aaf4ab96d8
-
SHA256
699f439d4fdd2507c0fd7424b7bbdad92e75975249164c8f21043fcc5a1a705c
-
SHA512
84625786f5ab5e03b270ded0e6e10252c1981f802ab8188af992bd78253190c5aa71ef91f5ddb60a4917a5f4a2511990d66f68dd0cf900dde6659ba9fda772a5
-
SSDEEP
1572864:2uky+ptA+NklHaArQ2ocxSG3oSi061S71zyV6yrh8+c1qVBrYaNy:2byUa5ppnYG3Zi061SZzyc9+cfMy
Static task
static1
Behavioral task
behavioral1
Sample
DuoHacker.exe
Resource
win11-20240802-en
Malware Config
Targets
-
-
Target
DuoHacker.exe
Score
8/10
-
Uses browser remote debugging
Can be used to control the browser and steal sensitive information such as credentials and session cookies.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-