c5d50cd8ce604053ec9ba7ca539def1bd0b90d341cb00f563c45648a8c61b9a9

Sharing

Copy URL

Twitter E-mail

General

Target

c5d50cd8ce604053ec9ba7ca539def1bd0b90d341cb00f563c45648a8c61b9a9
Size

8.0MB
Sample

241120-d3zbnavlbm
MD5

1b6b7d4479471944f2fbaae56f02d7f2
SHA1

ce42795b40d9970633445102a6bea718952c0c90
SHA256

c5d50cd8ce604053ec9ba7ca539def1bd0b90d341cb00f563c45648a8c61b9a9
SHA512

7aa392edd8b5d32b3b9c3bafe39e54b10a5bfe7d6fb09e742981c1ec1ae466aab3038f94766dc4fdf7bd646377640f7f11cf0cc737c2250c427de0533029af4d
SSDEEP

196608:w7xFBTQGH9frQRmJ26QFzZlc6lCgs5xikFWtnxHjNM:w7LaCBpBQFdZCg4R6E

Score

10^/10

Malware Config

Targets

- Target
  
  c5d50cd8ce604053ec9ba7ca539def1bd0b90d341cb00f563c45648a8c61b9a9
- Size
  
  8.0MB
- MD5
  
  1b6b7d4479471944f2fbaae56f02d7f2
- SHA1
  
  ce42795b40d9970633445102a6bea718952c0c90
- SHA256
  
  c5d50cd8ce604053ec9ba7ca539def1bd0b90d341cb00f563c45648a8c61b9a9
- SHA512
  
  7aa392edd8b5d32b3b9c3bafe39e54b10a5bfe7d6fb09e742981c1ec1ae466aab3038f94766dc4fdf7bd646377640f7f11cf0cc737c2250c427de0533029af4d
- SSDEEP
  
  196608:w7xFBTQGH9frQRmJ26QFzZlc6lCgs5xikFWtnxHjNM:w7LaCBpBQFdZCg4R6E
Score

10^/10

discovery evasion execution persistence spyware stealer trojan upx
- Windows security bypass
  evasion trojan
- Creates new service(s)
  persistence execution
- Drops file in Drivers directory
- Stops running service(s)
  evasion execution
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Windows security modification
  evasion trojan
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/VLDGHQTvGlo.dll
- Size
  
  558KB
- MD5
  
  33447f50cfb3c929ed6b0c67713e3081
- SHA1
  
  aa3f53b1ad107b6cf1ae054ef400dad83cdf2310
- SHA256
  
  205a0061292c83b409d2b8d42ff09d7f2bc66d6d7df131ccc61d3f785aba368b
- SHA512
  
  2b60d0115d75becacfe0aacead349eb7cbe4e951041569fb2f676c27f739fea9016837fb2810f6c1e018911e7971fc8b4fbcaae65240510503b7e75db98831c1
- SSDEEP
  
  12288:sMomWvBp/VZ8qI9uxYmjborJkZlHtAlwSlaUs:kmWvf/VZTXodetDShs
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/wjjAKIqNZVT.dll
- Size
  
  367KB
- MD5
  
  25e93633a3533409ec5963b2ef48c81a
- SHA1
  
  7c3ab6dd14975e3863cfe85e9fc3af2facd68f53
- SHA256
  
  097f4b3f90d501ef6cf171460dcdceb4382643c6bf1c55a739227f71b1bdc422
- SHA512
  
  7632564579ad1319344bd8bcc2b3df5acd93c9dd428f10fe61ba2a6b258a2cf57f0de70a3d1bb4fde484792d250385788336a27c4c1ed8e25f87109a65da68bc
- SSDEEP
  
  6144:WQoCcbX2e63Ns+YMhpiuTktQJbs7bvxFux2R4bq53SPQk:WQoCaXR63phpzTktQJ4Z0x2R4bqQPQk
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/zBwqyhobgZG.dll
- Size
  
  116KB
- MD5
  
  a357dff2b22e52f979ae6b777913a8a3
- SHA1
  
  bba7622c681653e043381c42a49b1ee9df1eeff1
- SHA256
  
  ef8b736acd1e8ca1195d15334b42fddd1e6e88df66ab471f86c0a99f6c5ac4ac
- SHA512
  
  b6e6f91ee62903f3a6c4a53aa8e216e1a3eb3f4908eef9c76d29e4219a9b25e6ce092e58e39603cb90138327d0f7d60fad68510f5aedc0ac51ba89f8ead1a12f
- SSDEEP
  
  1536:h+T7r6xdLwJWc+4orPHT/xEv5PElHGkNMkL/9rgrBa/aN:hKrcxVTqhqvMg/9rgrBa/a
Score

3^/10

discovery
behavioral7 behavioral8