General
-
Target
00202c71a310ebcbdf60717b1d3f0bc57c59abb8b9a31e3199f8ff7011734035
-
Size
161KB
-
Sample
210227-a55ytrlg9e
-
MD5
32f19bec2593a26948fc10a2cf46e310
-
SHA1
7e60f5bbdbeeb12bd28555c8a22b8e384f20184a
-
SHA256
00202c71a310ebcbdf60717b1d3f0bc57c59abb8b9a31e3199f8ff7011734035
-
SHA512
3baea46b7b38f7be77eca23e9dd2a6cf80f162d8dc0dbb7451bbcc8659f618a36f22cfca0aefc9a9ca03bfcc9fb912fbd59bbbf51144f7f39b964637d69eac56
Static task
static1
Behavioral task
behavioral1
Sample
00202c71a310ebcbdf60717b1d3f0bc57c59abb8b9a31e3199f8ff7011734035.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
00202c71a310ebcbdf60717b1d3f0bc57c59abb8b9a31e3199f8ff7011734035
-
Size
161KB
-
MD5
32f19bec2593a26948fc10a2cf46e310
-
SHA1
7e60f5bbdbeeb12bd28555c8a22b8e384f20184a
-
SHA256
00202c71a310ebcbdf60717b1d3f0bc57c59abb8b9a31e3199f8ff7011734035
-
SHA512
3baea46b7b38f7be77eca23e9dd2a6cf80f162d8dc0dbb7451bbcc8659f618a36f22cfca0aefc9a9ca03bfcc9fb912fbd59bbbf51144f7f39b964637d69eac56
-
Deletes itself
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-