General
Target: socks111.zip
Size: 123KB
Sample: 201117-ldbz89svna
MD5: 70a89a99b218fa554a88db08fcb481e9
SHA1: f187d8fbb3a45c472d643406ccf2e1c3a8edc77c
SHA256: 521abddc3682570eddb16f3a34072b2655f7091f6d15b57f72b44aa53ae7bdd2
SHA512: a501067f7e4f3600980567ebfac86b7d7273febeaa490fce2d8c350ff75352286dba69a5f31845caa4b3505e68d10e2a211f903d4b3e998c246152e74913905b
Static task: static1
Behavioral task: behavioral1
Sample: socks111.exe
Resource: win7v20201028
Malware Config
Targets
Target: socks111.exe
Size: 308KB
MD5: 01a238362f2523cb7838fd42bdf0091d
SHA1: d97cdde30f6f83d8f6f6b64701002c69800b4b88
SHA256: 9689621d55601be8833ad43872cbc8b7a1a956db933575f200b21887426cc32b
SHA512: 03a96d44ce2c5145c3db381839e9948cb870bbdebe6f8a7b9af83e1fe97f5621cf58ca6993dd764a3af0450d27bb1a3800660813743fdb318ee1954694c12293

Executes dropped EXE

Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Drops file in System32 directory