General
Target: Parpack S.A.exe
Size: 611KB
Sample: 200707-pd3hyye3ma
MD5: ed04b51ebb84647385acfcb066ff8ce1
SHA1: fe2b40b2bfe4e92a8658895e9c571e02d0b90b2a
SHA256: b73caeffe98a9035eefe1465bf9c883f306372f8b4ca2d18973fc18277781363
SHA512: d6ded25b3e61f0b34fad695cc719d44168f3b3d0a0b82ca3e5ef2ee14f393c2fa0117239a51886e006ffc064609c0021cb10064de520b8a1ca03b719011bedb9
Static task: static1
Behavioral task: behavioral1
  Sample: Parpack S.A.exe
  Resource: win7
Behavioral task: behavioral2
  Sample: Parpack S.A.exe
  Resource: win10
Malware Config
Targets
Target: Parpack S.A.exe
Score: 8/10
Adds Run entry to policy start application
Deletes itself
Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
Suspicious use of SetThreadContext