General
-
Target
1621ccea1c9d1e32a1a53bab7882b47caadd2b1e88f691a1c38c01a2d9a371c8
-
Size
427KB
-
Sample
201106-m9yktyc126
-
MD5
f5573df6a9392f7ccd1ae5db84608d02
-
SHA1
3f2e001aafc86a9d7a0d87274a5e7bd5bdae6b34
-
SHA256
1621ccea1c9d1e32a1a53bab7882b47caadd2b1e88f691a1c38c01a2d9a371c8
-
SHA512
484007a0512fc837ff668d49de0fe514a62cef2001a42521304accd7cd0da6f961c3665fb1ee23f234b3e6ebf68ce37edb3bbd26797c33b826fb5b73e7026389
Static task
static1
Behavioral task
behavioral1
Sample
1621ccea1c9d1e32a1a53bab7882b47caadd2b1e88f691a1c38c01a2d9a371c8.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
1621ccea1c9d1e32a1a53bab7882b47caadd2b1e88f691a1c38c01a2d9a371c8
-
Size
427KB
-
MD5
f5573df6a9392f7ccd1ae5db84608d02
-
SHA1
3f2e001aafc86a9d7a0d87274a5e7bd5bdae6b34
-
SHA256
1621ccea1c9d1e32a1a53bab7882b47caadd2b1e88f691a1c38c01a2d9a371c8
-
SHA512
484007a0512fc837ff668d49de0fe514a62cef2001a42521304accd7cd0da6f961c3665fb1ee23f234b3e6ebf68ce37edb3bbd26797c33b826fb5b73e7026389
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-