General
Target: cuentas.exe
Size: 703KB
Sample: 200711-3541hvjgka
MD5: 4257c31396f2298a0ff642464ea2de68
SHA1: cb2ac642f5743533b79fef9bd4e97da0b1c18aef
SHA256: 0264a3c84d3a268983747939a9345ccdd32e2614133e362803cc992e0aaf6897
SHA512: daf209fb4abe928c974d2ddef6dd40b2b29a02cf9c6b66b386a0a6b240fafd9a285ceb3eee04466fbe8e59ce1d91856b26a22ea8e71d66343673b9bed5f2933f
Static task: static1
Behavioral task: behavioral1
Sample: cuentas.exe
Resource: win7v200430
Behavioral task: behavioral2
Sample: cuentas.exe
Resource: win10
Malware Config
Targets
Target: cuentas.exe
Score: 8/10

UPX packed file
Detects executables packed with UPX/modified UPX open source packer.

Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.

Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.

Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext