General
Target: 074be99cbe3fff4403a53f8ed02772349f764146134c4ab349e1f982e6134cf2
Size: 185KB
Sample: 201115-payghsv2m2
MD5: 10e980a676b7ddd8c8aebbab387c8641
SHA1: 048d44fa17d1d54467413c450dc49e84553e378c
SHA256: 074be99cbe3fff4403a53f8ed02772349f764146134c4ab349e1f982e6134cf2
SHA512: 850ddce3ade0ede3f9db5b9b8f3de772a0fb99b0f934288b8e848af5bf66d7baac8645da9bb68b9d4e27c4e46ac9196d4b1e7263beab16f5190b676774d7ae15
Static task: static1
Behavioral task: behavioral1
Sample: 074be99cbe3fff4403a53f8ed02772349f764146134c4ab349e1f982e6134cf2.exe
Resource: win7v20201028
Malware Config
Targets
Deletes itself

Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.

Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.