General
-
Target
2f276c37d91582a6b24609f45b6344782fbdee981c6eb302b1b10adb39399d36
-
Size
338KB
-
Sample
201108-13ffd527xx
-
MD5
1ff34a6b6ecb536fffa8fa5458588170
-
SHA1
4e858fb20e36b7ca693b2fa0d0fb4d41c503d2fa
-
SHA256
2f276c37d91582a6b24609f45b6344782fbdee981c6eb302b1b10adb39399d36
-
SHA512
b9094db840ec96a6765cfd12c8f92b653ed43db050abed94b78d4e55023b2eece1b5680bc2775749587d3120dbc336fbbd10aaf0d6161411316e6546237a7e3c
Static task
static1
Behavioral task
behavioral1
Sample
2f276c37d91582a6b24609f45b6344782fbdee981c6eb302b1b10adb39399d36.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
2f276c37d91582a6b24609f45b6344782fbdee981c6eb302b1b10adb39399d36
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
JavaScript code in executable
-
Suspicious use of SetThreadContext
-