General
Target: presentation_w0i.js
Size: 1.7MB
Sample: 200214-8z8vnjqrp2
MD5: 5f43c62e7265604f3aec3b8b28a0a451
SHA1: a3fff87307b9b6430004e66985146fb4d36688ab
SHA256: 6283406c2c25eb5d8213b9f02887c8131054ab46698d302b1ae12baddc512199
SHA512: f69e7e1ab0e7fe37312c97909e8ddde2046694fc8b25f7eff1a774da2c84ec39e15a82cc71859412218a8b3a3770e1a1056fb5fc2891af2f7c78e03100593533
Static task: static1
Behavioral task: behavioral1
Sample: presentation_w0i.js
Resource: win7v200213
Malware Config
Targets
Target: presentation_w0i.js
Executes dropped EXE
Reads browser user data or profiles (possible credential harvesting)
Drops file in System32 directory
Suspicious use of SetThreadContext