General
Target: c3d21bb1ea24e0ce6baf55c4a61e4f37157d0c9c5ba1e687594d506760cce70e.exe
Size: 161KB
Sample: 210227-nvnxdh8t3x
MD5: 3829cc7715868987d816f0b23c5c3c9d
SHA1: fd228012d63f96f6b5b131e6d652b174b685ecc3
SHA256: c3d21bb1ea24e0ce6baf55c4a61e4f37157d0c9c5ba1e687594d506760cce70e
SHA512: aa039e133fa83da2f97b677bfe3d008d93114e682842a16164af27302a57b37064e97f739404c87c34fbc4afadd191c2c132070bf5ff0989d6c5a5c696f3576a
Static task: static1
Behavioral task: behavioral1
Sample: c3d21bb1ea24e0ce6baf55c4a61e4f37157d0c9c5ba1e687594d506760cce70e.exe
Resource: win7v20201028
Malware Config
Targets
- Deletes itself
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.