General
-
Target
SecuriteInfo.com.BehavesLike.Win32.PUPXAA.gc.13908
-
Size
461KB
-
Sample
210127-8vmlgqnv8a
-
MD5
d13ae177bec6a4b029d27da7760c6a82
-
SHA1
82290981b05c6037aff5dc23fa750ef5286162c8
-
SHA256
5e2f7f542c52206b21fada8618c1683b6e7db12ca85541b8b11be54b5a6f65e7
-
SHA512
a939f2e1bacb1544a29c156b2d561d741696f05407cb8907dde23aba68ca4ac87fb358fa82c74ce58d6199470897dfd78d0a47041bc2f6e0c693241209bf1405
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.BehavesLike.Win32.PUPXAA.gc.13908.exe
Resource
win7v20201028
Malware Config
Targets
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
JavaScript code in executable
-