General
-
Target
376eceec074e00eed57561743299ce349d4305fd6829f02ae7c578ecdae59d7e.zip
-
Size
300KB
-
Sample
201211-7enahmsvza
-
MD5
b8dea9903f42422871e2bfa8529dd8eb
-
SHA1
1b57f8c5ab9170a073a16c1d9044b1eb03d29a72
-
SHA256
4953b55d6b1a3c0c06178d8c005641b63c875d9aaa330fe430d049dd6617e70a
-
SHA512
e95a699aa932eb23393c8a8cc5ec6d91db8d93c58001f7cb127c11f0d5095105e05727e795b4b38a3bc6c0569ac64fdf1febb26bc1a0c569bf6a4126d36d622b
Static task
static1
Behavioral task
behavioral1
Sample
376eceec074e00eed57561743299ce349d4305fd6829f02ae7c578ecdae59d7e.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
376eceec074e00eed57561743299ce349d4305fd6829f02ae7c578ecdae59d7e.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
376eceec074e00eed57561743299ce349d4305fd6829f02ae7c578ecdae59d7e
-
Size
373KB
-
MD5
a3701be6d0583d2f351a11cfac483623
-
SHA1
18b378083bdd67452a64bdb93c6a9a5a20770cc2
-
SHA256
376eceec074e00eed57561743299ce349d4305fd6829f02ae7c578ecdae59d7e
-
SHA512
22932982cacf44414e1dadf20f999aa8183022f7dbcca6cb22afe64514452ab4d01fd758c54ed9b58e9c55e32778cd300da19d9419572795d912bfe3e3fc7c24
Score
10/10
-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials, etc.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-