General
-
Target
TIN1-2007100001-AWB.JPG.exe
-
Size
590KB
-
Sample
200710-6589tdn9ga
-
MD5
d7dfb7d9efc85b906a72b2000f925061
-
SHA1
cfc684a0eacb1f49ff7473524337a8a6600760c0
-
SHA256
dc67ad0f1d9092eca89d3b0efc15e17b3490f9e90e99c5df611322053ce4c709
-
SHA512
3ed669655e28e9e1b6a57e99ebfdbaf608677047c102e7d509c9bdf09f975e8f96cc1a3b569afdf28bc0bdbebba3454fb9bfb312e02d5f62e3db65b6aa37779b
Static task
static1
Behavioral task
behavioral1
Sample
TIN1-2007100001-AWB.JPG.exe
Resource
win7v200430
Behavioral task
behavioral2
Sample
TIN1-2007100001-AWB.JPG.exe
Resource
win10v200430
Malware Config
Targets
-
-
Target
TIN1-2007100001-AWB.JPG.exe
-
Size
590KB
-
MD5
d7dfb7d9efc85b906a72b2000f925061
-
SHA1
cfc684a0eacb1f49ff7473524337a8a6600760c0
-
SHA256
dc67ad0f1d9092eca89d3b0efc15e17b3490f9e90e99c5df611322053ce4c709
-
SHA512
3ed669655e28e9e1b6a57e99ebfdbaf608677047c102e7d509c9bdf09f975e8f96cc1a3b569afdf28bc0bdbebba3454fb9bfb312e02d5f62e3db65b6aa37779b
Score7/10-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run entry to start application
-
Suspicious use of SetThreadContext
-