Extracted

Extracted

• • Target

    312ca1a8e35dcf5b80b1526948bd1081fed2293b31d061635e9f048f3fe5eb83.exe

  • Size

    465KB

  • MD5

    15634dc79981e7fba25fb8530cedb981

  • SHA1

    a4bdd6cef0ed43a4d08f373edc8e146bb15ca0f9

  • SHA256

    312ca1a8e35dcf5b80b1526948bd1081fed2293b31d061635e9f048f3fe5eb83

  • SHA512

    daa63d5a3a948f4416d61eb4bf086f8cc921f24187ffcdb406751cc8102114f826957a249830e28220a3c73e11388706152851106794529541e1e2020d695ece

  • SSDEEP

    12288:HZph8TCfS9dQ1GH4wKcmY8FYkEv+NT5XqU6KDBxE:HZpCTCfS9dQ104wdV8FImT5XqiS

  Score

  10^/10

  dragonforcecredential_accessdiscoveryransomwarespywarestealer

  • DragonForce

    Ransomware family based on Lockbit that was first observed in November 2023.

    ransomwaredragonforce

  • Dragonforce family

    dragonforce

  • Credentials from Password Stores: Windows Credential Manager

    Suspicious access to Credentials History.

    credential_accessstealer

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Drops desktop.ini file(s)

  behavioral1behavioral2