General
Target: SecuriteInfo.com.BehavesLike.Win32.Generic.rc.24109
Size: 4.6MB
Sample: 201120-myarj5ghzj
MD5: 2b850328e045c89a396af20bb10efe99
SHA1: 277ac714f14b916fc1c6e8f45b9e8201cbb6c3e5
SHA256: 20d4f5c1aeb9db0c7be6a5c2c88216412225e8419d4374a0e50c92d81c5e67fc
SHA512: 0820697c24d729d6bdc227a6fa2fd6993265fc736daba86427eb9acb635cc8aba6b3a517384fe42ede40da2b1a1474c1273da3306309bbd724b9f38683b01450
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.BehavesLike.Win32.Generic.rc.24109.exe
Resource: win7v20201028
Malware Config
Targets
- Blacklisted process makes network request
- Deletes itself
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops desktop.ini file(s)