General
-
Target
b1c680e9e56f42c48ca592fcd688500fb073ee3fdd8a36c584ab86cae9a225a0.bin
-
Size
259KB
-
Sample
201103-487ke4s83x
-
MD5
86d510eb9e29b3e3a7e35e0d28d905db
-
SHA1
b7fb5af7efbc5dc4c1324f0be237acf57202a2e3
-
SHA256
b1c680e9e56f42c48ca592fcd688500fb073ee3fdd8a36c584ab86cae9a225a0
-
SHA512
cf0e7196727c97948f6455ea3372b89eb37f0968e5409df6c160461ea116ceec53de6c5286f57ed94027de9f92f610f486fa99a8b98258320e97d21a0e549167
Static task
static1
Behavioral task
behavioral1
Sample
b1c680e9e56f42c48ca592fcd688500fb073ee3fdd8a36c584ab86cae9a225a0.bin.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
b1c680e9e56f42c48ca592fcd688500fb073ee3fdd8a36c584ab86cae9a225a0.bin
-
Size
259KB
-
MD5
86d510eb9e29b3e3a7e35e0d28d905db
-
SHA1
b7fb5af7efbc5dc4c1324f0be237acf57202a2e3
-
SHA256
b1c680e9e56f42c48ca592fcd688500fb073ee3fdd8a36c584ab86cae9a225a0
-
SHA512
cf0e7196727c97948f6455ea3372b89eb37f0968e5409df6c160461ea116ceec53de6c5286f57ed94027de9f92f610f486fa99a8b98258320e97d21a0e549167
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-