General
-
Target
307958978a53add757bf405f62c5083fde482d90b928d0d3420761bad3b81019
-
Size
583KB
-
Sample
201111-2cexgxakaa
-
MD5
a676f6e19fcda956b2d368331817e155
-
SHA1
221e2feca1e6284d11b3532ef0ef9f418513daba
-
SHA256
307958978a53add757bf405f62c5083fde482d90b928d0d3420761bad3b81019
-
SHA512
2a79ec79ae9ddac7e9cd5ba7b1d2938a005a7a8c20cb3526d144082ca61fbbb8e63a4a3963857aa0a3452b3148d4116622e0ef2bbdc836c5d8949b7186999208
Static task
static1
Behavioral task
behavioral1
Sample
307958978a53add757bf405f62c5083fde482d90b928d0d3420761bad3b81019.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
307958978a53add757bf405f62c5083fde482d90b928d0d3420761bad3b81019
-
Size
583KB
-
MD5
a676f6e19fcda956b2d368331817e155
-
SHA1
221e2feca1e6284d11b3532ef0ef9f418513daba
-
SHA256
307958978a53add757bf405f62c5083fde482d90b928d0d3420761bad3b81019
-
SHA512
2a79ec79ae9ddac7e9cd5ba7b1d2938a005a7a8c20cb3526d144082ca61fbbb8e63a4a3963857aa0a3452b3148d4116622e0ef2bbdc836c5d8949b7186999208
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-