d2700790fa8bd50e3dc8fb99b0c3ce8f10fbdbf23445b38f20bf9e327f5d40ca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Notificación de detalles bancarios.exe
Size

417KB
Sample

200707-v8gq1agwqn
MD5

00b5434826c2dbec6a8a42e21b48b52b
SHA1

125ba9db5eaa10979451730467fd6a8fc783e578
SHA256

d2700790fa8bd50e3dc8fb99b0c3ce8f10fbdbf23445b38f20bf9e327f5d40ca
SHA512

c518d570ee60e09844ca6c4ba8f7649a29d47f3415765cd82f2885ede8a397376d3404a6c77f9b406f7541ec49b7774678a94acc71336877d1872786019dbf42

Score

7^/10

spyware

Malware Config

Targets

- Target
  
  Notificación de detalles bancarios.exe
- Size
  
  417KB
- MD5
  
  00b5434826c2dbec6a8a42e21b48b52b
- SHA1
  
  125ba9db5eaa10979451730467fd6a8fc783e578
- SHA256
  
  d2700790fa8bd50e3dc8fb99b0c3ce8f10fbdbf23445b38f20bf9e327f5d40ca
- SHA512
  
  c518d570ee60e09844ca6c4ba8f7649a29d47f3415765cd82f2885ede8a397376d3404a6c77f9b406f7541ec49b7774678a94acc71336877d1872786019dbf42
Score

7^/10

spyware
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2