General
Target: f0ca23d101868cd75aed85f10eda2c0067e7de7f81f84eee0232e9cd5f319889
Size: 978KB
Sample: 201106-ws86fm3dgs
MD5: 6e8498b91bf1a607f76bc04b2ad2fa70
SHA1: 95e1904c2f67cd364b8b386e5ccdd33edcd4955c
SHA256: f0ca23d101868cd75aed85f10eda2c0067e7de7f81f84eee0232e9cd5f319889
SHA512: 00553a4611ec8badd707471ca53cebdc6cb876043a2e52522fb058369c228cfcf9fadb105795177bec50cc181c54879ab3cab74009ed2828ea96268c3dbcd172
Static task
static1
Behavioral task
behavioral1
Sample
f0ca23d101868cd75aed85f10eda2c0067e7de7f81f84eee0232e9cd5f319889.exe
Resource
win7v20201028
Malware Config
Targets
-
Echelon log file
Detects a log file produced by Echelon.
-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-