General
Target: d4a95cb018790baa835f5cf01e1c9aef.exe
Size: 918KB
Sample: 201204-pd5fvr8nge
MD5: d4a95cb018790baa835f5cf01e1c9aef
SHA1: 7da8d9c1d75246703e0f95a1898f8640e7885fd2
SHA256: 2de60b9b75cfb829476090b0b28fa219219c36076a55338d1337ae3035eab76b
SHA512: fd1e41777a06802ba26181cb8104f65a839577c706cee76b47a5ab615816cbc2f1fee4b75d8bff0a23e600a83dd16f3b6bebc37cf8d035bb1447cb71c8f213f0
Static task: static1
Behavioral task: behavioral1
Sample: d4a95cb018790baa835f5cf01e1c9aef.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: d4a95cb018790baa835f5cf01e1c9aef.exe
Resource: win10v20201028
Malware Config
Targets
Score: 7/10
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.