General
- Target: a43b6b78eb285916fb4740e4e431e2333d3601850afd99f6ef0f279bdd14f683.bin.sample.gz
- Size: 231KB
- Sample: 201205-4by1fgffxn
- MD5: 6d055a61007e9c7bb04f90940cbe58e1
- SHA1: df38e7043e8200cf12fa541a3293225f182da2fc
- SHA256: 560eea0aa70d13747bf2522b6a87b33bc59a8f63cf2a2b26024181f012c01bfb
- SHA512: 1426c6e8692a9b174b1a12fffde49819226454a3f284b234ed6f2a08f753a0e172f5ac7a83b4a4fba8eaf0cb5dd4a3f425f1fa82876b4ebb92e4e2d958ce8196
Static task
- static1

Behavioral task
- behavioral1
  - Sample: sample.exe
  - Resource: win7v20201028

Behavioral task
- behavioral2
  - Sample: sample.exe
  - Resource: win10v20201028
Malware Config

Targets
- Target: sample
- Size: 231KB
- MD5: b97ff4c24dfb2a65748501879b846bf8
- SHA1: d1291797c89d92f574a34ae6e49f37f054273bab
- SHA256: a43b6b78eb285916fb4740e4e431e2333d3601850afd99f6ef0f279bdd14f683
- SHA512: fb70e9393dbf2a09594f35488350b110737fd0e42845d0ef9fc2a3ceb05589c2a546ac2574653eee5ed1952f9d1349dd8b6842c52453a54b3c172341dbeb1eff
- Score: 7/10

- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials and other sensitive information.
- Drops file in System32 directory
- Suspicious use of SetThreadContext