General
- Target: WAREN HACK v 1.20.exe
- Size: 1.1MB
- Sample: 201019-h6xv4nbac6
- MD5: d3ed7434a5619379b47da8b79641479f
- SHA1: 51a7a3dc32640bf2160425256b64a55d0ce20ccd
- SHA256: 11060800a86a66ff505e7771b9ccc8f711edcedf0df0ca1f594651dfc09dcd89
- SHA512: 6fb53a67c6b927f7d682d30ab2d5420e7fc58219708df3199aefdd1db4a95bf1ac1e45d486f740c6fdecdfb1cbf13cb57206523dd14b5219651224eed37fbdad
Static task
static1
Malware Config
Targets
- Echelon log file: Detects a log file produced by Echelon.
- Reads user/profile data of web browsers: Infostealers often target stored browser data, which can include saved credentials etc.
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.