General
Target: 958bcd0dcb4a1fe6d5a35016b45f336e
Size: 859KB
Sample: 201025-2evly861zs
MD5: 958bcd0dcb4a1fe6d5a35016b45f336e
SHA1: 870683671b188887bce2dd3ae2234ff7540000b0
SHA256: f52f1869bfde156b6c22b36561d473f58273ea5c49a7403db8670c5a59f696d8
SHA512: 45bfd9ff786e69226f0568122de76f40a250e1419b8cf1ab0e23c171bba2dce8f9d6f79aa181f20474c5d068099ce93d7f23007395a56c599d1d7be4efb3c168
Static task: static1
Behavioral task: behavioral1
Sample: 958bcd0dcb4a1fe6d5a35016b45f336e.exe
Resource: win7
Malware Config

Targets
- Reads user/profile data of web browsers: infostealers often target stored browser data, which can include saved credentials and similar stored data.
- Accesses cryptocurrency files/wallets, possible credential harvesting.
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.