General
-
Target
DataStealer (1).bin
-
Size
1.1MB
-
Sample
200717-937l7mygva
-
MD5
0169eccba69a58cdffbb1dce2863ae8f
-
SHA1
9718f39bb9307a1b95d9bb403262ffce82758074
-
SHA256
9a3b89ea2396b22020fc8e3bde1b832ca70d8b875b088f451f54e85f359380df
-
SHA512
97ca44993d2a1cf2ecbd423b29bbcea2a500de96b7f7a899ed77d5836f1d111311ee19770c1a20caffeeadc64ccb98e86d1618779b48470f29f94d0eb5f75750
Static task
static1
Behavioral task
behavioral1
Sample
DataStealer (1).bin.exe
Resource
win7
Malware Config
Targets
-
-
Target
DataStealer (1).bin
-
Echelon log file
Detects a log file produced by Echelon.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-