General
-
Target
7a1b68d06854fa8a8a0241d1f7f5bb90N
-
Size
2.6MB
-
Sample
240914-c8wmaatepb
-
MD5
7a1b68d06854fa8a8a0241d1f7f5bb90
-
SHA1
158feb79843caea6677f8bb2e86d807b71160754
-
SHA256
b46c31e6a4e0ec69ad107587545133bee5e633ff0a59ac4b57b558cfaee500c3
-
SHA512
7d2ccf6cf7f7968578b496d9b48a16284384f050cd6a2147633bf971531c91ae739045949654f1be5c31316b5eb7e6bd8acf1f8ac782c1cdf413813aaf4560c0
-
SSDEEP
49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBjB/bS:sxX7QnxrloE5dpUpYb
Malware Config
Targets
-
-
Target
7a1b68d06854fa8a8a0241d1f7f5bb90N
-
Size
2.6MB
-
MD5
7a1b68d06854fa8a8a0241d1f7f5bb90
-
SHA1
158feb79843caea6677f8bb2e86d807b71160754
-
SHA256
b46c31e6a4e0ec69ad107587545133bee5e633ff0a59ac4b57b558cfaee500c3
-
SHA512
7d2ccf6cf7f7968578b496d9b48a16284384f050cd6a2147633bf971531c91ae739045949654f1be5c31316b5eb7e6bd8acf1f8ac782c1cdf413813aaf4560c0
-
SSDEEP
49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBjB/bS:sxX7QnxrloE5dpUpYb
Score9/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-