General
-
Target
A2VqQ8z8Ip8FrFi.exe
-
Size
505KB
-
Sample
200707-asfcd4cqps
-
MD5
05bf406665b0dd8d707bcd22dc7eb848
-
SHA1
4d38d07c41bc41e39af98931575c783b58d3b9e8
-
SHA256
56fbebdb22c7244e81aefb20b4a95c1e7fa95791c3d22ffa92676bf1e668952b
-
SHA512
41d07c6600ad81e3e6a7c7bd1e5ffbb5105015fce9635a7e0bc279a16a3fbdadb81bd685fe220413f11abe30da02999bcfa5c8ded704df7e5c7f9311c2aebc9f
Static task
static1
Behavioral task
behavioral1
Sample
A2VqQ8z8Ip8FrFi.exe
Resource
win7
Behavioral task
behavioral2
Sample
A2VqQ8z8Ip8FrFi.exe
Resource
win10v200430
Malware Config
Targets
Target
A2VqQ8z8Ip8FrFi.exe
-
Score
7/10
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of SetThreadContext
-