General
-
Target
ce8a5b2ba476610b8cf3332cd6d63abfa5d6266ebdfa088f0e0599efdc7c9ec7
-
Size
136KB
-
Sample
210227-6n4nhb72na
-
MD5
c7b0db2ed0b572bcbc0c70d8d5f73248
-
SHA1
bcad296c760b403967d53f57fbf2c740ee238276
-
SHA256
ce8a5b2ba476610b8cf3332cd6d63abfa5d6266ebdfa088f0e0599efdc7c9ec7
-
SHA512
f3e294e45d5fd7b8f3faffc939ea1eb61d3a1eb5b14688244cad0cc10b235bbae94e5eb0b7d0f0e468b7e0dfc44383fba999a499c574aa6381ad9ade819665a1
Static task
static1
Behavioral task
behavioral1
Sample
ce8a5b2ba476610b8cf3332cd6d63abfa5d6266ebdfa088f0e0599efdc7c9ec7.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
ce8a5b2ba476610b8cf3332cd6d63abfa5d6266ebdfa088f0e0599efdc7c9ec7
-
Size
136KB
-
MD5
c7b0db2ed0b572bcbc0c70d8d5f73248
-
SHA1
bcad296c760b403967d53f57fbf2c740ee238276
-
SHA256
ce8a5b2ba476610b8cf3332cd6d63abfa5d6266ebdfa088f0e0599efdc7c9ec7
-
SHA512
f3e294e45d5fd7b8f3faffc939ea1eb61d3a1eb5b14688244cad0cc10b235bbae94e5eb0b7d0f0e468b7e0dfc44383fba999a499c574aa6381ad9ade819665a1
-
Deletes itself
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-