General
Target: x.dll
Size: 800KB
Sample: 200512-fh9ngk8kpj
MD5: c1366b1afc57e2fca68501345bbd4ba0
SHA1: 1dbbc632e2b10918c322ed0e761661fbe690d43e
SHA256: 692c58e28e0f0346adfbad2356dd8495ec8f07718ee40db171b50e8870526f96
SHA512: ad290473ef61838d67fbf2812d381519b1fabbb50e15c088cd45fe6ea4d9d27ed6615bbffb459dccfdad116706989c881db96fceeef9a94180310c5db5c3b80c
Static task: static1
Behavioral task: behavioral1
Sample: x.dll
Resource: win7v200430
Malware Config
Targets
Blacklisted process makes network request
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Modifies service
-
Suspicious use of SetThreadContext
-