General
Target: winrar-x64-591.exe
Size: 3.1MB
Sample: 201124-ecm49wfmgj
MD5: 779b1a96f1da4a1af90eecf940dd6d07
SHA1: 3f077891cddd60f7770067f044ddf56ea73d699d
SHA256: 58bb4399d28df01f90e1d0c5b2cf734dc53557d543354de3ce14fa6f6931c58a
SHA512: ae37b7b3647e63ccafb98b87d14d7cd02855c06bd6b7cdbcd00db85b65d40bd8a5e95bafb859d1fbd01fe832b3ba1b910ed68bcaaf56a96d47d317292bdc2488
Static task: static1
Behavioral task: behavioral1
  Sample: winrar-x64-591.exe
  Resource: win7v20201028
Behavioral task: behavioral2
  Sample: winrar-x64-591.exe
  Resource: win10v20201028
Malware Config
Targets
Target: winrar-x64-591.exe
Score: 10/10

Modifies system executable filetype association

Registers COM server for autorun

Executes dropped EXE

Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

JavaScript code in executable