General
-
Target
2d23a91c03b6cf0daa55ae6d44fd3676e7613dd5df1eeca32944f14d5f497d72
-
Size
427KB
-
Sample
201113-q65wh9mjpe
-
MD5
4722bca4e90f78d620ee9f5750f99bcc
-
SHA1
46b587503fb39efaa49e3d0c270c8f18c4c5bd8d
-
SHA256
2d23a91c03b6cf0daa55ae6d44fd3676e7613dd5df1eeca32944f14d5f497d72
-
SHA512
7aabaaf0bb0a152b51e46621603ba6afe12fbb8b3a9371ea23a1c7d1a58cf6b21cafdc58ab4ad1e57686c165c695c0c7aca8caf0e64c753475f00f6e99ac061e
Static task
static1
Behavioral task
behavioral1
Sample
2d23a91c03b6cf0daa55ae6d44fd3676e7613dd5df1eeca32944f14d5f497d72.exe
Resource
win7v20201028
Malware Config
Targets
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-