General
-
Target
Stealer.exe
-
Size
2.0MB
-
Sample
210210-wgyfd9zf7x
-
MD5
054c44a6e8cecca202cafb0810dd0715
-
SHA1
41346cfb2945a993afce18f68f8de1ce76008e1b
-
SHA256
3face654f8b468fa5b820aed7c8fead522bf6b3604a76758ce75bfa250238e52
-
SHA512
d74cffa8585e935d3947951315b4d4fc41e6f4eac1721c19f2cadb5ca472a7c832eaf92b65be9ab4c35c7aafb2bf9490849ade3f1c07ee59822b05f94d1ecddf
Static task
static1
Behavioral task
behavioral1
Sample
Stealer.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Stealer.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
Stealer.exe
-
Score
10/10
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates physical storage devices
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-