General
- Target: 5d136dca10595e85a08c7149061741e0c46e3e45e305ee024badfa8f4dd2fc59.exe
- Size: 161KB
- Sample: 210227-hczkmfjv5a
- MD5: fdf359c4c78053f76cd818eff6a2cec4
- SHA1: 5ffb3c6f3820f5827a3ddc7eac9bb6a94a7948bd
- SHA256: 5d136dca10595e85a08c7149061741e0c46e3e45e305ee024badfa8f4dd2fc59
- SHA512: c67a76fe872107439433075426f9d6dd0b81267d0eb4afa69a75e164f5909f02a6d2873ecf46ce067830bbcd8a16ced9b06cfccc92490e2e68890ef092d011b3
Static task: static1
Behavioral task: behavioral1
Sample: 5d136dca10595e85a08c7149061741e0c46e3e45e305ee024badfa8f4dd2fc59.exe
Resource: win7v20201028
Malware Config
Targets
- Target: 5d136dca10595e85a08c7149061741e0c46e3e45e305ee024badfa8f4dd2fc59.exe
- Deletes itself
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.