Tries to harvest and steal browser information (history, passwords, etc)
Query firmware table information (likely to detect VMs)
Multi AV Scanner detection for submitted file
BOT functionalities found, sample is likely a BOT
Contains functionality to check if a debugger is running (CheckRemoteDebuggerPresent)
Contains functionality to infect the boot sector
Contains functionality to prevent local Windows debugging
Multi AV Scanner detection for dropped file