General
- Target: 8fa54f34379027ebadf3e3d3e711848fbfaae81b62cd98ace53e7c6e9d3b7669.exe
- Size: 161KB
- Sample: 210227-afpsmtnaan
- MD5: a5869c40182110572a1faa8ff9bcdd34
- SHA1: 567380f4b214c0d7c1eb19b81054e406ff3c84cd
- SHA256: 8fa54f34379027ebadf3e3d3e711848fbfaae81b62cd98ace53e7c6e9d3b7669
- SHA512: 9cc551d2be901d7ed00ab0901e1c345c86ba2bb1a23a94bf6a26ca00c29de9d4a483186a626e67082a863992fcd89736c73101765f2bf5a1a9dc83a5c797a76b
Static task: static1
Behavioral task: behavioral1
- Sample: 8fa54f34379027ebadf3e3d3e711848fbfaae81b62cd98ace53e7c6e9d3b7669.exe
- Resource: win7v20201028
Malware Config
Targets
Target: 8fa54f34379027ebadf3e3d3e711848fbfaae81b62cd98ace53e7c6e9d3b7669.exe
- Deletes itself
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.