General
-
Target
Shipping Document PL&BL Draft.exe
-
Size
730KB
-
Sample
200713-fwgf9bcx2n
-
MD5
bfefe46f1d547f9da51fc00409829a09
-
SHA1
51e84e711f2191d138c14aa4b421aff54cc2042f
-
SHA256
5d6d79cf8e947dbd356240026f305d09c23e61990bf0302d9020d7fa935254ae
-
SHA512
c46de0c92a2734f6f829a519c52350887111e43b2b63deaf2f706c92752361252fa43aba99a092502816d6b8fa967316e7b5ca6397fcae2c4c572a4b933491eb
Static task
static1
Behavioral task
behavioral1
Sample
Shipping Document PL&BL Draft.exe
Resource
win7
Behavioral task
behavioral2
Sample
Shipping Document PL&BL Draft.exe
Resource
win10v200430
Malware Config
Targets
-
-
Target
Shipping Document PL&BL Draft.exe
-
Size
730KB
-
MD5
bfefe46f1d547f9da51fc00409829a09
-
SHA1
51e84e711f2191d138c14aa4b421aff54cc2042f
-
SHA256
5d6d79cf8e947dbd356240026f305d09c23e61990bf0302d9020d7fa935254ae
-
SHA512
c46de0c92a2734f6f829a519c52350887111e43b2b63deaf2f706c92752361252fa43aba99a092502816d6b8fa967316e7b5ca6397fcae2c4c572a4b933491eb
Score7/10-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of SetThreadContext
-