General
-
Target
200ea893543df1ab909c78ed95c3f56b1693b283a6b210bc9d8f0694faab1168
-
Size
185KB
-
Sample
201115-qeg1gv2m7s
-
MD5
97fe3364b2b8650abc296568d1a47112
-
SHA1
9dd3eedc0fd859171f19112cdf9e37fa910b0b7e
-
SHA256
200ea893543df1ab909c78ed95c3f56b1693b283a6b210bc9d8f0694faab1168
-
SHA512
690d779b52d3567e2e971040ecd4154778b68a83e07693082adb43436af4d6b01ef25b1ae3b207d7d9dff16e29bca18aba626b8b937db4eb0f3e634647c312ca
Static task
static1
Behavioral task
behavioral1
Sample
200ea893543df1ab909c78ed95c3f56b1693b283a6b210bc9d8f0694faab1168.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
200ea893543df1ab909c78ed95c3f56b1693b283a6b210bc9d8f0694faab1168
-
Size
185KB
-
MD5
97fe3364b2b8650abc296568d1a47112
-
SHA1
9dd3eedc0fd859171f19112cdf9e37fa910b0b7e
-
SHA256
200ea893543df1ab909c78ed95c3f56b1693b283a6b210bc9d8f0694faab1168
-
SHA512
690d779b52d3567e2e971040ecd4154778b68a83e07693082adb43436af4d6b01ef25b1ae3b207d7d9dff16e29bca18aba626b8b937db4eb0f3e634647c312ca
-
Deletes itself
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-