General
-
Target
44158adc2ca27c732b0f715d30a46a8142264b8d0aac3ed9080e2fc6566029a8.bin.sample.gz
-
Size
146KB
-
Sample
201205-dfdh3dngen
-
MD5
a0ecf0beb9833aaa755772206870f149
-
SHA1
a85fccd2a3679c4351589809aa78c163d3a9e42b
-
SHA256
3eee08c5a5bb8d69f89f4c1da908c3a7c51e3c8513552af230fc5d3aeb02933c
-
SHA512
1af82c643904826c7338c6b011ac1d22a356c103fea0a35abb232785178a3e76fe0f1bf758d21db6000ec58dc080fa9b09e051b8916ceabc2d05024e1b1a64ee
Static task
static1
Behavioral task
behavioral1
Sample
sample.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
sample.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
sample
-
Size
146KB
-
MD5
83a98a605845b4e09c32b37cfa188d52
-
SHA1
d8b347c539598a34b69f653bce4ad4689454cde8
-
SHA256
44158adc2ca27c732b0f715d30a46a8142264b8d0aac3ed9080e2fc6566029a8
-
SHA512
fbd0737475f974c8a8aef15e5e5efb1654d16ed50c8cc4af687878b952e692ce4c4373074ce2097c366f50d3fbebbd8dd335877d3053e7580ee14799218606e8
Score
7/10
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-