General
-
Target
240cb0b0443f8e63dc65887da08db0b05a6912be194bd870b07e4cd86865d12a.exe
-
Size
624KB
-
Sample
200708-wkrey2345n
-
MD5
0189f099f1d4340903c64c40fcf3d3a2
-
SHA1
57ef299e94c76a87cc083097bf88af2061e1d04b
-
SHA256
240cb0b0443f8e63dc65887da08db0b05a6912be194bd870b07e4cd86865d12a
-
SHA512
860689bedcb99e33729b70fb28a67d677db72ef81cc48bfa8c8113f522e74971c998ba25122a26e5004dabd0e4eb8f9ba4694808159652475e7b09e6407093e9
Static task
static1
Behavioral task
behavioral1
Sample
240cb0b0443f8e63dc65887da08db0b05a6912be194bd870b07e4cd86865d12a.exe
Resource
win7
Malware Config
Targets
-
-
Target
240cb0b0443f8e63dc65887da08db0b05a6912be194bd870b07e4cd86865d12a.exe
-
Size
624KB
-
MD5
0189f099f1d4340903c64c40fcf3d3a2
-
SHA1
57ef299e94c76a87cc083097bf88af2061e1d04b
-
SHA256
240cb0b0443f8e63dc65887da08db0b05a6912be194bd870b07e4cd86865d12a
-
SHA512
860689bedcb99e33729b70fb28a67d677db72ef81cc48bfa8c8113f522e74971c998ba25122a26e5004dabd0e4eb8f9ba4694808159652475e7b09e6407093e9
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks for installed software on the system
-
Suspicious use of SetThreadContext
-