General
-
Target
a6e2df1384daf8a7f3617e244fede0cb.exe
-
Size
440KB
-
Sample
210129-94tdyl352s
-
MD5
a6e2df1384daf8a7f3617e244fede0cb
-
SHA1
12f318b2b3a17d18d681344dc89d8b4e1915bb58
-
SHA256
6b7ed06733029a0f341eba7fd91846b8080230f975c98862af03cb1155d4a097
-
SHA512
b1e5a74557077fc384be2987f71d4c6ad3ab2ef805601b0650d0c4b16c3d0435b6ef18c5b05273ceedf293fca5d95d2620d5e62316fe0d2a6474faef7cd98764
Static task
static1
Behavioral task
behavioral1
Sample
a6e2df1384daf8a7f3617e244fede0cb.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
a6e2df1384daf8a7f3617e244fede0cb.exe
-
Size
440KB
-
MD5
a6e2df1384daf8a7f3617e244fede0cb
-
SHA1
12f318b2b3a17d18d681344dc89d8b4e1915bb58
-
SHA256
6b7ed06733029a0f341eba7fd91846b8080230f975c98862af03cb1155d4a097
-
SHA512
b1e5a74557077fc384be2987f71d4c6ad3ab2ef805601b0650d0c4b16c3d0435b6ef18c5b05273ceedf293fca5d95d2620d5e62316fe0d2a6474faef7cd98764
-
Deletes itself
-
Loads dropped DLL
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
JavaScript code in executable
-