General
-
Target
77ce0c9f140d8022b67b116441b7855ebd37d2724cad85c0a800f7a9c8e2fbe4
-
Size
399KB
-
Sample
240919-gybatavape
-
MD5
a13640e988030d6dc8fa839ad06f6662
-
SHA1
f7920aed4704a0f6d5b9b60c5c3b9e1b9208e8e9
-
SHA256
77ce0c9f140d8022b67b116441b7855ebd37d2724cad85c0a800f7a9c8e2fbe4
-
SHA512
5b51f9808387675eaa8c45162d53b709ecc00577ab4f2a198526df13479f434cf8a9856673d5c1a84a3d0b5e56f36afb39c751ac1a30b59c0a8163ee5e83aef8
-
SSDEEP
6144:V+azbRZvLP2zPVz7jUBs8hqcBCi6dbfra4erJlt9A+xX1oOAisEIWmGeNkfGuYFk:V+azbvcahVy41
Malware Config
Targets
-
-
Target
77ce0c9f140d8022b67b116441b7855ebd37d2724cad85c0a800f7a9c8e2fbe4
-
Size
399KB
-
MD5
a13640e988030d6dc8fa839ad06f6662
-
SHA1
f7920aed4704a0f6d5b9b60c5c3b9e1b9208e8e9
-
SHA256
77ce0c9f140d8022b67b116441b7855ebd37d2724cad85c0a800f7a9c8e2fbe4
-
SHA512
5b51f9808387675eaa8c45162d53b709ecc00577ab4f2a198526df13479f434cf8a9856673d5c1a84a3d0b5e56f36afb39c751ac1a30b59c0a8163ee5e83aef8
-
SSDEEP
6144:V+azbRZvLP2zPVz7jUBs8hqcBCi6dbfra4erJlt9A+xX1oOAisEIWmGeNkfGuYFk:V+azbvcahVy41
Score7/10-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-