General
-
Target
5192e1040b52c2a04944019e5ac537eec1e8300d8ebb9f759c667f3be8ef7957.exe
-
Size
161KB
-
Sample
210227-arhyv7rpxj
-
MD5
7484a31ce6eb449ea59a44ebe46f11cd
-
SHA1
db19cad7a6f71a90e700539edc9d3fa0804dd2ff
-
SHA256
5192e1040b52c2a04944019e5ac537eec1e8300d8ebb9f759c667f3be8ef7957
-
SHA512
300a4ceeb1905d9fefec1a9040c35b93528cdc211b4d6a05f6db5244fbc10501ee61f1d338465aa6842e007ef815d7dbbab4aa206a1e3aa89adc0a14a028314d
Static task
static1
Behavioral task
behavioral1
Sample
5192e1040b52c2a04944019e5ac537eec1e8300d8ebb9f759c667f3be8ef7957.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
5192e1040b52c2a04944019e5ac537eec1e8300d8ebb9f759c667f3be8ef7957.exe
-
Size
161KB
-
MD5
7484a31ce6eb449ea59a44ebe46f11cd
-
SHA1
db19cad7a6f71a90e700539edc9d3fa0804dd2ff
-
SHA256
5192e1040b52c2a04944019e5ac537eec1e8300d8ebb9f759c667f3be8ef7957
-
SHA512
300a4ceeb1905d9fefec1a9040c35b93528cdc211b4d6a05f6db5244fbc10501ee61f1d338465aa6842e007ef815d7dbbab4aa206a1e3aa89adc0a14a028314d
-
Deletes itself
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-