General

Target: 3ed035d022c0bb23c38edc3914b73fe3f08088eb622de796f90f17a43f9a8c6e
Size: 639KB
Sample: 201106-82vesk4jd6
MD5: 400c27fd646c503f308306062d412174
SHA1: 46771f4789958b8aec780b2e31eeb7e5040e835a
SHA256: 3ed035d022c0bb23c38edc3914b73fe3f08088eb622de796f90f17a43f9a8c6e
SHA512: f471aeeee3c9ce03ee685df63e7bd11b390495b51a68042361337e0b2dec53a8558b3bc13c0933374bfe72e379d0695003f502e82d689427a70a24b9ab254c1e
Static task: static1
Behavioral task: behavioral1
Sample: 3ed035d022c0bb23c38edc3914b73fe3f08088eb622de796f90f17a43f9a8c6e.exe
Resource: win7v20201028
Malware Config

Targets

Target: 3ed035d022c0bb23c38edc3914b73fe3f08088eb622de796f90f17a43f9a8c6e
Size: 639KB
MD5: 400c27fd646c503f308306062d412174
SHA1: 46771f4789958b8aec780b2e31eeb7e5040e835a
SHA256: 3ed035d022c0bb23c38edc3914b73fe3f08088eb622de796f90f17a43f9a8c6e
SHA512: f471aeeee3c9ce03ee685df63e7bd11b390495b51a68042361337e0b2dec53a8558b3bc13c0933374bfe72e379d0695003f502e82d689427a70a24b9ab254c1e
Signatures

- Reads user/profile data of local email clients
  Email clients store some user data on disk, where infostealers often target it.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials, etc.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext