General
-
Target
69abe7b349372636c464d7130dc433bd250d154879d49c9257922eadcb345e46.exe
-
Size
161KB
-
Sample
210227-8sa2mht11n
-
MD5
0ef95bce6d1da84e5b269cf0b5667bb7
-
SHA1
9aa99fa6f7e7a8b80aefc69dce5487c9223f8905
-
SHA256
69abe7b349372636c464d7130dc433bd250d154879d49c9257922eadcb345e46
-
SHA512
a567a5997b57cc20f2f7a10ba45686a49ce4f5a601b18af3bc61f360f169efbbb6604cfba2c62f675e025ae75662608ca16cba29c548c61370f878144498d34d
Static task
static1
Behavioral task
behavioral1
Sample
69abe7b349372636c464d7130dc433bd250d154879d49c9257922eadcb345e46.exe
Resource
win7v20201028
Malware Config
Targets
-
Target
69abe7b349372636c464d7130dc433bd250d154879d49c9257922eadcb345e46.exe
-
Deletes itself
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-