General
Target: 140f87db3380c234d7e3330df5131431f818882da885f9437c26d96807a008f4
Size: 401KB
Sample: 201113-pygablyjms
MD5: c1184ae58724d465eb3f4bdb268e3a05
SHA1: 98d1f7f9352c5f2802b96c9da4c8111c232a40a1
SHA256: 140f87db3380c234d7e3330df5131431f818882da885f9437c26d96807a008f4
SHA512: 900f15e10afe429d9ac5b30eafdace101dc5c8173ebd0477a115b88e94cb39566f38a00abfd005425c65951155172d0bbd5022b43b295a20cb685ac451f0f760

Static task: static1
Behavioral task: behavioral1
Sample: 140f87db3380c234d7e3330df5131431f818882da885f9437c26d96807a008f4.exe
Resource: win7v20201028

Malware Config
Targets
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.

Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.