General
-
Target
5b1ea2d49e67007b6ee9140168a8b81c09caf3bfce2d5c56cec55c8cfcbcadbe
-
Size
597KB
-
Sample
201108-y2df1q6q3s
-
MD5
ef373d49851d6eaf410b015626f7b3c8
-
SHA1
82d00639b56f5205f6596d95a6fbe150b89526a3
-
SHA256
5b1ea2d49e67007b6ee9140168a8b81c09caf3bfce2d5c56cec55c8cfcbcadbe
-
SHA512
e0c2a75b82de28c997100cf5ab3117dc16f18319aa8eedd95ae7ce8d782baf526bfd7e5d3771a56b6ecde847f474763118cd662e456195087d46505dd32863d5
Static task
static1
Behavioral task
behavioral1
Sample
5b1ea2d49e67007b6ee9140168a8b81c09caf3bfce2d5c56cec55c8cfcbcadbe.exe
Resource
win7v20201028
Malware Config
Targets
Target
5b1ea2d49e67007b6ee9140168a8b81c09caf3bfce2d5c56cec55c8cfcbcadbe
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials and other profile data.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-