General
Target
SecuriteInfo.com.Gen.NN.ZemsilF.34132.pm0@[email protected]
Size
249KB
Sample
200713-q1nlp972c2
MD5
eec0d052347c5d97f55d50a91c3a6c2d
SHA1
5baee3e1e2c3236eaa382a46f7919194626b4604
SHA256
047ff786f8bdd92bcf070f006d07ee6ca9bf63bd08213ec6b8807486c8b3f016
SHA512
ab0b23f28c548ffbdb456d4c8a4ad06725a371f1108d27a506c9fbd6ccde38916ecc0b2fc18099e6a3a5b657700b88caa90992a76bf995e16ed2f750fc5e84ba
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Gen.NN.ZemsilF.34132.pm0@[email protected]
Resource
win7v200430
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Gen.NN.ZemsilF.34132.pm0@[email protected]
Resource
win10
Malware Config
Targets
Target
SecuriteInfo.com.Gen.NN.ZemsilF.34132.pm0@[email protected]
Score
10/10
Adds Run entry to policy start application
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
Suspicious use of SetThreadContext