General
Target: anticheats.exe
Size: 417KB
Sample: 201109-bltppdkmwa
MD5: fb2d06f3a2c9d4b9ec1064af3bf9f357
SHA1: aef3c1737f45eb8c1438b759d12d4eae9ce514ba
SHA256: 95ab142281af83bca92a9919b0691e3966218a96273452c15b701485af44ad0b
SHA512: a7a083bbc238a061346f0fc884ab3eda39a23de4301e07112a758882d11b6a98d7c536649d3a6e01161c0ceadf4efb806f713be95a6185b5c10d0dfb06e5a063
Static task: static1
Behavioral task: behavioral1
Sample: anticheats.exe
Resource: win7v20201028
Malware Config
Targets
- Echelon log file: Detects a log file produced by Echelon.
- Reads user/profile data of web browsers: Infostealers often target stored browser data, which can include saved credentials etc.
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.