General
Target: d6aa014ba066d9408de45856524ff33aedf962ef6d9b8f280488c74563f50722.bin.sample.gz
Size: 263KB
Sample: 201205-l6y1tfebda
MD5: b9395138d40dcc2870350ff8a89453bf
SHA1: 64390aa574a69944e80853c3b82e110ef64f3843
SHA256: c424c16775dfbb087a8bd78da988e8a395f977335d1a281768f22d0ee583597c
SHA512: b8422f0d1d1978c5dad6698e816428cb5fe3fe68b8a827b9bc04df91ef0b30a1465ab4d384525af8d0996f5a76e5a87416074f83bce9d44faff9fa31e36f1137
Static task: static1
Behavioral task: behavioral1
Sample: sample.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: sample.exe
Resource: win10v20201028
Malware Config
Targets
Target: sample
Size: 263KB
MD5: 93f3e9950498a238e4a3a10b308911b1
SHA1: 715a966fd9a134c890553762d401ce364e56c5dd
SHA256: d6aa014ba066d9408de45856524ff33aedf962ef6d9b8f280488c74563f50722
SHA512: 8f32f61f2a89ebb13f2c9f44a5487475ce246a401853c0d0908d4d6ed0eb5756ae910d3e5194f748fd3f8333fda4d8c7171f7e09928f0f9e8f7550e03f1874ee
Score: 7/10
Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
Drops file in System32 directory
Suspicious use of SetThreadContext