General
Target: 5a3cc9c2323f9f79768ad21700626030b7171065f141bf543f6b75c842464896.exe
Size: 161KB
Sample: 210227-g89ew3ebfa
MD5: 3243fc4e925b1345e78c52195e1650f3
SHA1: e6a0df3cad55fffb159400d861714b0c3bb2e13b
SHA256: 5a3cc9c2323f9f79768ad21700626030b7171065f141bf543f6b75c842464896
SHA512: 20e6be85e6c582c494a349c2f5aa61632fe78a57c133302e1e42a93a92b5d41234b456a6935804ed35273219469265c303b88c460066669da1210c8d889bc036
Static task: static1
Behavioral task: behavioral1
Sample: 5a3cc9c2323f9f79768ad21700626030b7171065f141bf543f6b75c842464896.exe
Resource: win7v20201028
Malware Config
Targets
Target: 5a3cc9c2323f9f79768ad21700626030b7171065f141bf543f6b75c842464896.exe
- Deletes itself
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.