General
Target: e27dba7ca57f716250070e14a6fc137a5df01af26ea53a2138764d1e9190f45e
Size: 161KB
Sample: 210227-9ecmyw1rm6
MD5: 11366f3a5520d7a0c66b4e790ab13c07
SHA1: 4a2539018ecd40c5484f71126b8a95a352773bc1
SHA256: e27dba7ca57f716250070e14a6fc137a5df01af26ea53a2138764d1e9190f45e
SHA512: 284aa5829b4d808bbd7236135b592296e88df4936bd50e336f00d88b0938c7f71424b32983d0716a538d5500a498758c6124da2249ec250edbf122eae59babe1
Static task: static1
Behavioral task: behavioral1
Sample: e27dba7ca57f716250070e14a6fc137a5df01af26ea53a2138764d1e9190f45e.exe
Resource: win7v20201028
Malware Config
Targets
Target
e27dba7ca57f716250070e14a6fc137a5df01af26ea53a2138764d1e9190f45e
- Deletes itself
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials and similar data.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.