8a2478753d48abdb4658f369ee4b6e82ca58e68fe07e82acf3dcbc841f6d8b55

Sharing

Copy URL

Twitter E-mail

General

Target

8a2478753d48abdb4658f369ee4b6e82ca58e68fe07e82acf3dcbc841f6d8b55
Size

5.3MB
Sample

241119-nnl3wsvpby
MD5

6ea04d978d9eb124eba068aa768286ff
SHA1

626a943b9e3fbcb9b79d83e071fbc3d769cb8dad
SHA256

8a2478753d48abdb4658f369ee4b6e82ca58e68fe07e82acf3dcbc841f6d8b55
SHA512

dbc62e443c0a391c2a29125bd84c0c59f0da8b8632a286c5e7d09c9cb684c1220587cb00566da65d8b74670eb6418fe2516eac3b579083d4611c5e64c99e469e
SSDEEP

98304:6cRjf15hXmlDW5abtV9celijEdBhnuP3FwiHoYzhUhD4DW5abtV9celijEdBhnux:6ctf15dXec0ijwBJufFwmLgDvec0ijwa

Score

7^/10

Malware Config

Targets

- Target
  
  8a2478753d48abdb4658f369ee4b6e82ca58e68fe07e82acf3dcbc841f6d8b55
- Size
  
  5.3MB
- MD5
  
  6ea04d978d9eb124eba068aa768286ff
- SHA1
  
  626a943b9e3fbcb9b79d83e071fbc3d769cb8dad
- SHA256
  
  8a2478753d48abdb4658f369ee4b6e82ca58e68fe07e82acf3dcbc841f6d8b55
- SHA512
  
  dbc62e443c0a391c2a29125bd84c0c59f0da8b8632a286c5e7d09c9cb684c1220587cb00566da65d8b74670eb6418fe2516eac3b579083d4611c5e64c99e469e
- SSDEEP
  
  98304:6cRjf15hXmlDW5abtV9celijEdBhnuP3FwiHoYzhUhD4DW5abtV9celijEdBhnux:6ctf15dXec0ijwBJufFwmLgDvec0ijwa
Score

7^/10

collection discovery execution persistence spyware stealer
- Reads WinSCP keys stored on the system
  Tries to access WinSCP stored sessions.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
- Adds Run key to start application
  persistence
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AMDBugReportForm.exe
- Size
  
  1.2MB
- MD5
  
  e5447d9f5182f74f53e1c053a2158b71
- SHA1
  
  71619f465827d2ce8dd064bb315efda6776a09e8
- SHA256
  
  01e0fb3c287a9fb1b0130ba63d72eb1877a1a7d7f588253fa37a6569d1828679
- SHA512
  
  8714a8deb719fae242ced933d4ec3aaff0b0c489beb6fb5956c38955bdef687c490270e93beab01c1effcdf2f5c9492fce12c07bbd314ee133bfae47826b6676
- SSDEEP
  
  12288:0AO2Y0AE+L0GhjPP88aMoejCCTp+661go+dwIens6FNscuFe6r8Z1Oco/SkziuV2:0AOoe0wDOMoejd+66ou
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/AWSSDK.Core.dll
- Size
  
  2.0MB
- MD5
  
  fbda379ff780ebc8c5c7dfc908945fa9
- SHA1
  
  3e1b289132551e632a12133c43ff23f2369fced6
- SHA256
  
  5c15472bb668c1fe8dfe84d85c442a7f3b48999f43093a546fb14c71e8c3aaf0
- SHA512
  
  813139ee77d63101326c791fd7d9ccd57df6649944ef60277d033852573a4861ab462d4346fc869a47f4cb6b5fac2193d2a9d19cbfdaa23f580952c5c3856d87
- SSDEEP
  
  12288:Ara544FckHZCJhhFbxf5JhT9Y0xn9kZF/djKuzuu99u0uaufuuFuNxuuFuNI34mZ:AraqifHZCHhFbl5zqZFr4mAvx6snngH
Score

1^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/AWSSDK.S3.dll
- Size
  
  864KB
- MD5
  
  942db74d17261428c7efb55766f06c66
- SHA1
  
  c0cf2d693405eb656645cb7d0ba7901e09fbb270
- SHA256
  
  90e37880e21694317507114dab36567edff03c24c78d066ecc3359a8c899defa
- SHA512
  
  7ec33a425f8f0ffe41e4cf0078e3eb9fa706b54feba038c5c2d32b38857204677872139d3b68babcdb31e4036275dca91f9e14ac27cdc0187c2f8c3cb24d634e
- SSDEEP
  
  12288:8hPGW1pETdYxQX7q9Er1rP+777djF6m//Y6t:Tdimo75QO/t
Score

1^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/cs/AMDBugReportForm.resources.dll
- Size
  
  357KB
- MD5
  
  886c7e035a2412e8d0a26b6c6bdb5fba
- SHA1
  
  b5b33665cf36cb8c243c8a3034709552eb67b7aa
- SHA256
  
  32a085733c6016c1eea298f4566f9266800b274104db6ebec7e6a2429d7f2130
- SHA512
  
  e7171723773ad8d189b40246d15d9e6dfc8bdd865c7abcbb59488ce3de5244278fd5bb4ce2bda25f0dbb24ef174d7d3a8ac50bb7b14f7edb1bfb2a26c8a18cbf
- SSDEEP
  
  1536:xsnEyQWSrcUtPJUayf7yYgJjCcQdS12MsWpceehHMy1ljHf0YgJjCcQdwhsemCtC:xiKcpGhOS4MsWw0hOwhsem1
Score

1^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/da/AMDBugReportForm.resources.dll
- Size
  
  355KB
- MD5
  
  010bea0fef662359ee4e98273b713903
- SHA1
  
  472f67daee0d9b0a7401413663b497d694aca7ef
- SHA256
  
  8226d140f2ec0ed436a17868535e344239ea59b1ebaca7fa1db12c7c73f1d09e
- SHA512
  
  85bc3c9187d0f80d7af2ea67c423ab1aeb49850b29e7f4d5300c4b177adc097c968d8b7369acace087fba8b4b6f89b588eeb1db5f61f3e1b4eb5783ba6aa8494
- SSDEEP
  
  1536:lpXZ0OwEy30hOOEZ96YgJjCcQd4Y2MsxrceehHNrOKwImjYgJjCcQdYpem0p5:lpG1EkOEIhO4PMsx9hOYpemA
Score

1^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/de/AMDBugReportForm.resources.dll
- Size
  
  357KB
- MD5
  
  e4756bb29aa9845a505625ce0764fe22
- SHA1
  
  be5e88331247846c24f36a567040eb96c0968140
- SHA256
  
  9067fe8280f73790d8bcea1a9a3671e6f5605c54b1620496f946625c1c7b9714
- SHA512
  
  b0bb3e3f024ce514889f03d096741d827f8a5c0f443a0d3c81066bf36ad6a272044027463b16cc5ff45a8c0145a416a199cb2825b5030eff2612d1832290c8fd
- SSDEEP
  
  1536:OSmnEyV12/a8P1x23QH9YgJjCcQdrLl2MsLOceehHeIznVF4YgJjCcQdVQgemcy:Onm/h1PhOrUMsLYhOmgemP
Score

1^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/el/AMDBugReportForm.resources.dll
- Size
  
  376KB
- MD5
  
  9a88689736b5c701004da6cc47bb1cd5
- SHA1
  
  efa4112d9ed5c196b7995db05f1714bf0088f608
- SHA256
  
  737b615b0063afed1aa5f8cef940855a22178a3539d72c3dded6724dc8754c09
- SHA512
  
  ae7bf33857ee5642d558b4ffc104d51c58aaa9d47a3e627989126ef10c7a5cdcce62159f414250bc13196a11dbbd77e143a56f09b01a936af1c8ac09f032c4e7
- SSDEEP
  
  3072:iYmqMty85p1mN8ASbBDR/hOyRMsiGhOrG3emlu:iZqy3RmAv7I
Score

1^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/es/AMDBugReportForm.resources.dll
- Size
  
  357KB
- MD5
  
  2cfb3370f03c6b5bf7878173e7a1a3d3
- SHA1
  
  40d6a2a6f4d4d59815b3b72113a5669c17ee59bf
- SHA256
  
  87856336c3a7af4531720f068646d25e3721e1b915bdc939c7b27baeff3d513f
- SHA512
  
  7079ac3151b9ac79d45a90fcc046b9ef56a7b93e4596d8ff3f21e6532cc412d3c859f75e72eb2ce6f928f18b64c73fa010d6dfc831c24e03d1585dd608f86ac4
- SSDEEP
  
  1536:co89EyCOpvoYZzDPrrfnogYgJjCcQdYm2MsG6ceehHCM/j5pTYgJjCcQdtCyQemn:comn9VD/foghOYRMsGPhOtCyQemn
Score

1^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/fi/AMDBugReportForm.resources.dll
- Size
  
  355KB
- MD5
  
  8a83e7343e58c066a3b8118fc4485ace
- SHA1
  
  6f832199c2a77f57aa47018f7ef38db17b089120
- SHA256
  
  7a68aa4e160383a40e9771575e2e4e216f6b5eb9ffdaabc8e403527966a08f5f
- SHA512
  
  216fd8b081b14d0c41eef61db24d39366f3d1f9bf3af8a453fb454b8ac9cda4408f546cf6f05eb86ece4aec6a170ec204e720d006a067b37299543f533ae0f84
- SSDEEP
  
  1536:4z0EEyNLo0WAJIUZUMYgJjCcQdD02MsJyO3fceehHXRMM6uGYgJjCcQddqemwyF:4165ApZUMhODjMsoO3FhOdqemVF
Score

1^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/fr/AMDBugReportForm.resources.dll
- Size
  
  359KB
- MD5
  
  514c4445eeb4aef677e16dc0f0276ccd
- SHA1
  
  9f9dc6b3d9cf05fc1b6070c5b625b8c2cd9a4183
- SHA256
  
  519d07ffe76e1bc5b79b94f407e6e762a0ae9bcf739d2a3e46a62fa42d030b46
- SHA512
  
  a5530c7bcd379a170717d5c40e05c646a04a3ce1dd48eb81bc32689a4fd7823cc92ab817e90b1340db12fb2ceaaa9145f423407a15fbce8dd557592135687ca9
- SSDEEP
  
  1536:j19EUQEyf9HK7LjXfNduIOPZY9YgJjCcQdJa2MsvqceehHCM/j5pWYgJjCcQdhxj:jN01qXGO9hOJ9MsvqhOhxbemL
Score

1^/10
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/hu/AMDBugReportForm.resources.dll
- Size
  
  358KB
- MD5
  
  7f947b4178bc9a1fc6355507fbc01d69
- SHA1
  
  48e40cb14b9d0ee7c033a7b83a375e54dd0d2f0d
- SHA256
  
  d3ac98de26b241f8679bc97eb0cdbb928ca348625447914aab022b596ea31d25
- SHA512
  
  2bc170d31428b372f17197b4eb5a7f0815a3ec5f58288cd565468b5e92088b6cf2d64830ca59c4ffd538a529c27853830cbc744c8b40897b5ee0362a3a8afe85
- SSDEEP
  
  3072:trhKQOOh6afcXgbhOpjMsx6hOItN+emtR:trhK3Oh1lO4ZvE7tR
Score

1^/10
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/it/AMDBugReportForm.resources.dll
- Size
  
  371KB
- MD5
  
  05db10ebcae4d2e2e16a5c8215c61f55
- SHA1
  
  d46d08b84c12a8e90f61f969b869560e4d90d912
- SHA256
  
  a38f4773168fffdc4cbd632dd7e1c17705dffe87729795fa564a0ef034a44935
- SHA512
  
  d3e2a6f543175d520dc19bc38dcc02e242a9cbccb09e2c82cff056431989ce341bf2467d04f36699fad32ff777b721674f2f4f152edb59740a498a2ae9453a28
- SSDEEP
  
  3072:ldgbvzOjQqkbGDvWhOFKMs8M6hOWtWSemE:l6bvzOjeGDvmiXLN77E
Score

1^/10
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/ja/AMDBugReportForm.resources.dll
- Size
  
  375KB
- MD5
  
  b310fa5c94c8ced2bb6887da0f003c68
- SHA1
  
  662e0a728c08cd02df93caf4386d005cb8d76c7a
- SHA256
  
  f38fe901a16476ae02c793c61144cd8a866b3e411432d4906d833f0c0d7d74ad
- SHA512
  
  73119d0eaca6fb149c2904e303021e0851ba20ee319a9b69b182d670f1b41aeefc373b2324fe1680ea0240476aad82cdba4f0fd7135144ab403da48db1d3beee
- SSDEEP
  
  1536:iGiWCAEyyRgjuXYVfFYgJjCcQdOf2MsBZceehHzNgAmqnYgJjCcQduRemzk:iVkRiIFhOO+MsBChOuRem4
Score

1^/10
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/ko/AMDBugReportForm.resources.dll
- Size
  
  356KB
- MD5
  
  4df99517563dfdd6ed09db7ad7733e3a
- SHA1
  
  2ddb6b59d47598beebb01378b19cb9dc1079680f
- SHA256
  
  b68b509b675994e840505d73f9da5daf3f387cb683bf587411fe0d0760508109
- SHA512
  
  71c92725010ed2c354f7fceef29a1bb1eb7e9171cc9334b3ced4915bd535ff8587c00911149bd58a94161e3df62341ed41f7a51503ed934caab88cc170b460ca
- SSDEEP
  
  1536:xhlEyMvzOogxGhjfJhYgJjCcQdym2Ms9TnceehHCM/j5pHYgJjCcQdiqoem0MQ7:x9fog0hlhhOyRMs9TOhOiqoem0h
Score

1^/10
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/nb/AMDBugReportForm.resources.dll
- Size
  
  355KB
- MD5
  
  7ee07ae9390e23c1ede38a89d3ca9b52
- SHA1
  
  df97db731b0fc0ba68cfb68cbe3e5c29160b1450
- SHA256
  
  8ae39b51ae385fc661b6cb1c3bfbf3cbff773714bc308b3ff088a2d9d146eb36
- SHA512
  
  ed74ad746af862f9130c397a0e7c5c2ebe56a8af3fa611feeafd246a4152841e3cb6ec28a5727e1c0d9bd708a7905f4ec3b546238b163a9394db78ea6c24107e
- SSDEEP
  
  1536:i/QbEEyYtjG9LjktPdlTQYgJjCcQdyX2MsamoceehHwmRhXb7YgJjCcQddHbemaR:iOgRXQPDchOyGMsamJhOJbemm
Score

1^/10
behavioral31 behavioral32