General
-
Target
0786b0ecb13a0fa33fb9269ce8a49ac1f986fcf4892b7b8c41edb73cba06482e
-
Size
276KB
-
Sample
201117-587y2qp2wj
-
MD5
c26a267ea63d570e00bce752c3984f1e
-
SHA1
02d868a3294b481a4579fd02b8cfe786f1f2e7c4
-
SHA256
0786b0ecb13a0fa33fb9269ce8a49ac1f986fcf4892b7b8c41edb73cba06482e
-
SHA512
23ff814b9acb6940725ffdb3bad457912798eccaf3e35ec69eadd5f7aa5f4ba47fc71fb78962641d94e7066c8e9fb4b64cc7558bacf6479f632867b956ebc531
Malware Config
Targets
-
-
Target
0786b0ecb13a0fa33fb9269ce8a49ac1f986fcf4892b7b8c41edb73cba06482e
-
Size
276KB
-
MD5
c26a267ea63d570e00bce752c3984f1e
-
SHA1
02d868a3294b481a4579fd02b8cfe786f1f2e7c4
-
SHA256
0786b0ecb13a0fa33fb9269ce8a49ac1f986fcf4892b7b8c41edb73cba06482e
-
SHA512
23ff814b9acb6940725ffdb3bad457912798eccaf3e35ec69eadd5f7aa5f4ba47fc71fb78962641d94e7066c8e9fb4b64cc7558bacf6479f632867b956ebc531
Score7/10-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-