General
-
Target
New PO #0164522433 JAN 2021.gz
-
Size
628KB
-
Sample
210114-4s38tnc7xs
-
MD5
655032e5cfb4f167a08f9ced5cd70353
-
SHA1
0e0d7ef1aa78f1befa5c9448c40c653081a57dcb
-
SHA256
81f37df3917ea95216634ff7316e5c4a1378245b90e4418a7ead52a6025939f6
-
SHA512
5a6c8e9084c0501b72d1dd4dd5fa85b3938c13cd02c5dd5cd16cd85f41c31bc81aaf20cf622fb4d55c419b96c471b3d868982fb202d254b04434bd664e8ceff7
Static task
static1
Behavioral task
behavioral1
Sample
New PO #0164522433 JAN 2021.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
New PO #0164522433 JAN 2021.exe
-
Size
1.1MB
-
MD5
1cbe8e5ddca661fc3239ffcb3b44b1db
-
SHA1
1cc2dd369304b5ad81113b06cf7f73c75226cc4e
-
SHA256
8ca38b4cf8849e7b7d18cc8afdae915c4dedc2f5aaca4b9a4fd57bdfd5e25a25
-
SHA512
df833315d49687c0910e92c0f0cba2eefde3657d42b5b6ae7ab2929187d9857c4d45dbba9c253897a18c835c69b4dc44a58cb63f4a29757d75f4e893a81ad558
Score7/10-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of SetThreadContext
-