General
-
Target
a136bf3fd2e55ddc5abfaf05830fa0eb0b6b4f8d81720b2999307987d6adac00.exe
-
Size
129KB
-
Sample
201111-v7ktbd5jks
-
MD5
1c690d7f0e5238916db2f2dbc4300b81
-
SHA1
675d6ce01543f80989074e17ce00fc307ac47726
-
SHA256
a136bf3fd2e55ddc5abfaf05830fa0eb0b6b4f8d81720b2999307987d6adac00
-
SHA512
ee8488d8b77f584a3302621fc83213ea65677ff70e76299ceab135507408b742d8e20c3390e33cef72862784ed7a4b40bbd6a911e554b0408cfb2114ffa8b7c7
Static task
static1
Behavioral task
behavioral1
Sample
a136bf3fd2e55ddc5abfaf05830fa0eb0b6b4f8d81720b2999307987d6adac00.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
a136bf3fd2e55ddc5abfaf05830fa0eb0b6b4f8d81720b2999307987d6adac00.exe
-
Size
129KB
-
MD5
1c690d7f0e5238916db2f2dbc4300b81
-
SHA1
675d6ce01543f80989074e17ce00fc307ac47726
-
SHA256
a136bf3fd2e55ddc5abfaf05830fa0eb0b6b4f8d81720b2999307987d6adac00
-
SHA512
ee8488d8b77f584a3302621fc83213ea65677ff70e76299ceab135507408b742d8e20c3390e33cef72862784ed7a4b40bbd6a911e554b0408cfb2114ffa8b7c7
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-