General
Target: 02.exe
Size: 6.6MB
Sample: 200713-g2rnej6xsx
MD5: ecddd6d62635a78ed22d56bc374fc4be
SHA1: 6779e68fcd2a18c09b071e2c26c9cafbe3afb280
SHA256: a54ab41f309b7b7685ae21e1f8146b72c8dd072059ae0c658a38b439ebaab767
SHA512: e7a04a8468f70097e33934d43c9cacb72d17a8a4ca65b278d068932cbe8123669c12aefd78ea0f908b1feec873d24b0227eab788002fe946b9c83a260da6fa27
Static task: static1
Behavioral task: behavioral2
Sample: 02.exe
Resource: win10v200430
Malware Config
Targets
Target: 02.exe
Score: 8/10
Executes dropped EXE
Drops startup file
Loads dropped DLL
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
Enumerates connected drives
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.