General
Target: Transferencia,pdf.scr
Size: 883KB
Sample: 210112-vc51ytdq9n
MD5: 2b8f56aded46aa04a89c3a7266a305c4
SHA1: c09ab6301b41dbc56a13055bd2f1c4a6449ead1f
SHA256: 7a8eebf6eada42c5c69de9a87a982c5d5654f681cebd074d924856a5ea54517b
SHA512: 7914345fc6b13447c6a80ef5002bea10c188421a92c5cb17c25f82ca1dce44abc818b1a81d451b258c16c889de24af14cc093323b5849122947a187985bc14e5
Static task: static1
Behavioral task: behavioral1
Sample: Transferencia,pdf.scr
Resource: win7v20201028
Behavioral task: behavioral2
Sample: Transferencia,pdf.scr
Resource: win10v20201028
Malware Config
Targets
Target: Transferencia,pdf.scr
Score: 7/10
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.

Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.

Drops desktop.ini file(s)

Suspicious use of SetThreadContext