General
Target: ac7068caed0df4e6427d635b4379a2eacf6ee03ed700b9f6ae74e9fe047381f1.bin.sample.gz
Size: 153KB
Sample: 201205-zme5lbjc1a
MD5: dd2e3b7aac20903bb8cfe53bc128db1d
SHA1: 63bf398bd9a7d46a7ee2a2a60a8c5711bea88d18
SHA256: 4907bed25c3ed8f16d5e658f22fad83ef4d628dedc96d57f657e86e4dd2538f4
SHA512: 05844f92e9a20ea8d69533faa1c6ca87c4751db1c05568cb317b73a89a7f49a5b92f8a7d647261e9146b9d7f8f61b42c6ad7000ca9fd6f873335e507ecf8169b
Static task: static1
Behavioral task: behavioral1 (Sample: sample.exe, Resource: win7v20201028)
Behavioral task: behavioral2 (Sample: sample.exe, Resource: win10v20201028)
Malware Config
Targets
Target: sample
Size: 153KB
MD5: 972092cbe7791d27fc9ff6e9acc12cc3
SHA1: 5a9482423dd4b9c5ca7251d40420c6487489d8ad
SHA256: ac7068caed0df4e6427d635b4379a2eacf6ee03ed700b9f6ae74e9fe047381f1
SHA512: 6ecc8e38d49280e3e16a6bcc1664a91b7fffe81162254cbd27bcb2c1093570f9ece1ee4128ba3d642d5cbeff76973cf47dd5003ff1c47358e32b268b497fa4f4
Score: 7/10
Signatures
- Deletes itself
- Reads user/profile data of web browsers (infostealers often target stored browser data, which can include saved credentials, etc.)
- Drops file in System32 directory
- Suspicious use of SetThreadContext