General
- Target: SecuriteInfo.com.Mal.Generic-S.930.4597
- Size: 3.9MB
- Sample: 201109-x9mjjw8lkj
- MD5: 460e041ccff9d5cf560b87a71ca3aabd
- SHA1: 07065b8143d074ec62453d560a80644d70301ac6
- SHA256: b7db5b70b15ebac71e0aa8d7cb4e5f663171721b03157644cc2880a38337048a
- SHA512: d9eda0b44c603b565f6a34c7394a869ae3097f7ce281ca0f76a59f8ebfaed41768b200300e49edc663737cece5f84769ffecb185fac13f5d34fd3267546f3cdb
Static task: static1
Behavioral task: behavioral1
- Sample: SecuriteInfo.com.Mal.Generic-S.930.4597.exe
- Resource: win7v20201028
Malware Config

Targets
- Target: SecuriteInfo.com.Mal.Generic-S.930.4597
  - Size: 3.9MB
  - MD5: 460e041ccff9d5cf560b87a71ca3aabd
  - SHA1: 07065b8143d074ec62453d560a80644d70301ac6
  - SHA256: b7db5b70b15ebac71e0aa8d7cb4e5f663171721b03157644cc2880a38337048a
  - SHA512: d9eda0b44c603b565f6a34c7394a869ae3097f7ce281ca0f76a59f8ebfaed41768b200300e49edc663737cece5f84769ffecb185fac13f5d34fd3267546f3cdb
  - Suspicious use of NtCreateUserProcessOtherParentProcess
  - Modifies boot configuration data using bcdedit
  - Drops file in Drivers directory
  - Executes dropped EXE
  - Modifies Windows Firewall
  - Loads dropped DLL
  - Reads user/profile data of web browsers
    Infostealers often target stored browser data, which can include saved credentials etc.
  - Adds Run key to start application
  - Checks installed software on the system
    Looks up Uninstall key entries in the registry to enumerate software on the system.
  - JavaScript code in executable
  - Modifies service