General
Target: 849eb5b7325b832a27887f0b6e67fe94f9135a2206f3bb299b839b7d4d5121ec
Size: 463KB
Sample: 201108-3kwqxs95t2
MD5: 3be7e517e0b301c2fa9b3377a6ab75e7
SHA1: 17de201b9eec31263d22c9fbb7dd6ded04a68122
SHA256: 849eb5b7325b832a27887f0b6e67fe94f9135a2206f3bb299b839b7d4d5121ec
SHA512: 738ffa018cf5633221c8b8f0ea130abbcdb5bbdf597b7ec427b75b5a31d35fb7c9a406910008d2fde44ee9f96bee0fee877c6dd6c8e321951872863b5614e92f
Static task: static1
Behavioral task: behavioral1
Sample: 849eb5b7325b832a27887f0b6e67fe94f9135a2206f3bb299b839b7d4d5121ec.exe
Resource: win7v20201028
Malware Config
Targets
Deletes itself

Loads dropped DLL

Reads user/profile data of local email clients
Email clients store some user data on disk, which infostealers often target.

Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

JavaScript code in executable