General
Target: 3e1f7453aa2f3bc50b969bb46142a09ac3d68c01cec4fc3c0277fa124625d731.bin
Size: 259KB
Sample: 201103-wlky8yes2s
MD5: 89ee3a586546d373c7e43e4711ec6258
SHA1: f2ef4b2ae047c7e7cfb8efaaf705c560cd75418e
SHA256: 3e1f7453aa2f3bc50b969bb46142a09ac3d68c01cec4fc3c0277fa124625d731
SHA512: 7758ba155f5086112c10dbe86a1345dca3bd080a30428bf5491e870dc2076f4b413bb6feef535b882326e26293c0ef1d91bc5a66db148b394e4e3ada289fb547
Static task
static1
Behavioral task
behavioral1
Sample
3e1f7453aa2f3bc50b969bb46142a09ac3d68c01cec4fc3c0277fa124625d731.bin.exe
Resource
win7v20201028
Malware Config
Targets
-
Target
3e1f7453aa2f3bc50b969bb46142a09ac3d68c01cec4fc3c0277fa124625d731.bin
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-