General
Target: 2020-05-22_17-36-19.bin.zip
Size: 336KB
Sample: 200523-7jzphjnans
MD5: 716d6bd7f488a55587f1f0e847ade668
SHA1: ca65304ffb493f9157cad18b37c81424d1ee9648
SHA256: c41d1ff004b7e49d601b10e11e3591a99da6c95dcc1272fdcbeb8663e502e83b
SHA512: a592ba535915342eace4d4f08d7df486ff7ce0502babc37c66e562e3fd7de2874d38ca60248686f9e70289963d39e9b8ef58f8f398a6d305e59b28a96d05f5e9
Static task: static1
Behavioral task: behavioral1
Sample: 2020-05-22_17-36-19.bin.exe
Resource: win7v200430
Behavioral task: behavioral2
Sample: 2020-05-22_17-36-19.bin.exe
Resource: win10v200430
Malware Config
Extracted
C:\Users\Admin\Desktop\README_LOCK.TXT
support@covidworldcry.com
Targets
Target: 2020-05-22_17-36-19.bin
Size: 448KB
MD5: 412568f078ec521bdba6ae14b9f36823
SHA1: 3e5a80fe286834f6d5f0aaf014a420ec40ebad7d
SHA256: e2c2a80cb4ecc511f30d72b3487cb9023b40a25f6bbe07a92f47230fb76544f4
SHA512: 9e979c3873778991bfd05b22370fbab32f7ec16dd78b8c3f2b0f54ccfd26fcdfc84f881bdf4414d24228ad2a19ef00ecb062dd5e9e2e243966f1276698f1ff85
Score: 10/10
Deletes itself
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
Adds Run entry to start application
Drops Chrome extension
Enumerates connected drives
Drops file in System32 directory
Modifies service