General
-
Target
Facturas.exe
-
Size
909KB
-
Sample
200713-mqnpm55c3a
-
MD5
d75a4be4b55e4b2359298cde65d5fa9e
-
SHA1
4dd995bf2183bc545d422f67abd6f3666bb14e1e
-
SHA256
bbbfb4d66a6d1ff1fb9f476cc8607a2a0b1a0bb27bdaba095a3715489d8e4315
-
SHA512
b56490322992d50d188f1b34c3c6971df8893d7b2c5c3db428018ffbe3ae93f00f9b2338710eb6a7c98b63731316063346ea8a743bcc4033274f448dc60559b5
Static task
static1
Behavioral task
behavioral1
Sample
Facturas.exe
Resource
win7
Behavioral task
behavioral2
Sample
Facturas.exe
Resource
win10
Malware Config
Targets
-
-
Target
Facturas.exe
-
Score
7/10
-
Deletes itself
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run entry to start application
-
js
-
Suspicious use of SetThreadContext
-