General
-
Target
INVOICE (A21)GH-SC200710F.exe
-
Size
865KB
-
Sample
200711-98vx7pt3sj
-
MD5
604f34919b1cb3c002f78789a183aa1e
-
SHA1
356268c526fa8182b89fc6bf71a4e5e382ee6c87
-
SHA256
14780eb585efbdc339799d90eefcb8b4b613464566f8cb3f1fed2bcb06dcd17f
-
SHA512
9932bd0c45396ba853fb05c7325b41fa3114ac3c8e990cbe2f29eed7f6f8916c281424aa09763f0da8141f95eee5a66ec1d1954f2f1af0203fcfb35482e37df2
Malware Config
Targets
-
-
Target
INVOICE (A21)GH-SC200710F.exe
-
Size
865KB
-
MD5
604f34919b1cb3c002f78789a183aa1e
-
SHA1
356268c526fa8182b89fc6bf71a4e5e382ee6c87
-
SHA256
14780eb585efbdc339799d90eefcb8b4b613464566f8cb3f1fed2bcb06dcd17f
-
SHA512
9932bd0c45396ba853fb05c7325b41fa3114ac3c8e990cbe2f29eed7f6f8916c281424aa09763f0da8141f95eee5a66ec1d1954f2f1af0203fcfb35482e37df2
Score7/10-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run entry to start application
-
Suspicious use of SetThreadContext
-