General
-
Target
7d017b752826bf83685828bebc8a00b050490f46aaa8c21b0dd1020f0c9b563e.bin
-
Size
18KB
-
Sample
210118-vvmmfncbwn
-
MD5
d360e4b15da3d3b89640a3ba98464214
-
SHA1
67816c29b8f35cff28bb4f3f1428d001a8f1f280
-
SHA256
7d017b752826bf83685828bebc8a00b050490f46aaa8c21b0dd1020f0c9b563e
-
SHA512
d00295e6d7192c0a2dfa8ccbf18fb344852fae9de074fc843b6ef20967b003c7fcff2b6835fc3dd7bd69c0bfdf714c22f972a5e609f5859d051579c94967179a
Static task
static1
Behavioral task
behavioral1
Sample
7d017b752826bf83685828bebc8a00b050490f46aaa8c21b0dd1020f0c9b563e.bin.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
7d017b752826bf83685828bebc8a00b050490f46aaa8c21b0dd1020f0c9b563e.bin.exe
Resource
win10v20201028
Malware Config
Extracted
C:\Users\Admin\Desktop\READ_ME.hta
https://wikipedia.org/wiki/Bitcoin
https://wikipedia.org/wiki/Encryption
Targets
-
Target
7d017b752826bf83685828bebc8a00b050490f46aaa8c21b0dd1020f0c9b563e.bin
Score
10/10
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials, etc.
-
Adds Run key to start application
-
Drops file in System32 directory
-