General
-
Target
Shipping Document PL&BL Draft.exe
-
Size
617KB
-
Sample
200630-16kmyfjv4n
-
MD5
4c3f776751b7ead0c297f8f55e341958
-
SHA1
90f5c2887b4a31d4d30bb73eed64cb9c8ccd87c8
-
SHA256
d476a544163ada2f782fea0b457a59f167825b5d7a0be161400070d919543f54
-
SHA512
897ee8713639c1fe49f8151f0239f57e53bfb0a2c31fd666583ad7f416eb1fbaccd5dc9e6f1b3b92daf230f9f14a011e339033c4c98b008f5f1f0f14b5f429b2
Static task
static1
Behavioral task
behavioral1
Sample
Shipping Document PL&BL Draft.exe
Resource
win7
Behavioral task
behavioral2
Sample
Shipping Document PL&BL Draft.exe
Resource
win10v200430
Malware Config
Targets
-
-
Target
Shipping Document PL&BL Draft.exe
Score
7/10
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of SetThreadContext
-