General
Target: 29fcb7e81428cb4cd932ccaf2ed0f61ef9d47853605c153a6de503d54009f11a
Size: 1.3MB
Sample: 210118-pfhrgzh6r2
MD5: c05e8d23aee188ef1594e120bcb8a0a7
SHA1: 62352e85e273244d1179c1aa554c651ffaed75e3
SHA256: 29fcb7e81428cb4cd932ccaf2ed0f61ef9d47853605c153a6de503d54009f11a
SHA512: 3ca9dfb9393837c55b03804357ce7e0192c973ea2bf915f0c4c64df6074768458575c6863ee4a83da53e137507918356fc3a4d611a29ca2666b36729cdebd2f6
Static task: static1
Behavioral task: behavioral1
Sample: 29fcb7e81428cb4cd932ccaf2ed0f61ef9d47853605c153a6de503d54009f11a.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 29fcb7e81428cb4cd932ccaf2ed0f61ef9d47853605c153a6de503d54009f11a.exe
Resource: win10v20201028
Malware Config
Targets
Target: 29fcb7e81428cb4cd932ccaf2ed0f61ef9d47853605c153a6de503d54009f11a
Score: 10/10
Modifies system executable filetype association
Loads dropped DLL
Reads user/profile data of web browsers
    Infostealers often target stored browser data, which can include saved credentials etc.
Suspicious use of SetThreadContext