General
- Target: rVuj5bF.bin
- Size: 403KB
- Sample: 200624-4a9fpsftlx
- MD5: 4e9d3907d80cfe903df735b855d5eaeb
- SHA1: 3fcc74d0b646e8324f0a4cf4708890a8261f3e84
- SHA256: 280fedf6fd7e0964222ac9b21bcc289c222c7ea91d7bad6350741bdf8c1f0938
- SHA512: 672b8b0dd776ff156504e55c171fe035e5aac7b1b48ae785973113648717317eb611acbcc6141c5ab6c0096c4f41c24c335d957afbca1fddcf15dfde9750361f
Static task: static1
Behavioral task: behavioral1
Sample: rVuj5bF.bin.dll
Resource: win7v200430
Malware Config
Targets
- Target: rVuj5bF.bin
- Blacklisted process makes network request
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
- Suspicious use of SetThreadContext