General
-
Target
300-4-0x00000000050B0000-0x0000000005136000-memory.dmp.exe
-
Size
536KB
-
Sample
201125-syh3ex1nna
-
MD5
c955a9aee5daefcceb7580623ea6b12c
-
SHA1
78b2c7eae60e70f92189f4cf8bd2697203ce3377
-
SHA256
9190acfffc1d789884d6ba885bd257c4c1d88530449d4387df16d7876154676d
-
SHA512
36bd2f427933b599f264a0feac5fa566e124a4bbca06bdf4dc4d7f8c6d1a427b04d2a84ca4086264bf7553e35cdefe8f27ad84157aab30267e9bd312c99d9067
Static task
static1
Behavioral task
behavioral1
Sample
300-4-0x00000000050B0000-0x0000000005136000-memory.dmp.exe
Resource
win7v20201028
Malware Config
Targets
Score
7/10
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-