General
-
Target
data.bin
-
Size
119KB
-
Sample
200701-3ayryqmz26
-
MD5
f500854e3cf9556688203a3d869b7d6d
-
SHA1
281aab2eb26f31cf2255e2f5a467fc5eebda8df8
-
SHA256
471325daa2bc75f50856e93e9de088386556fc3ead653894d5c2a67f2a8b4975
-
SHA512
bccb54a68003bde3304dd6824f4bc6a3a5f06995a85bf371b1581fd00e0dc9ff40a1765594b61da9a2cbdf9c0372916a8694af2a66759a534b746981418101d4
Static task
static1
Behavioral task
behavioral1
Sample
data.bin.exe
Resource
win7
Malware Config
Targets
Score
10/10
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks for installed software on the system
-
Enumerates connected drives
-