General
Target: 7147771c3d2ba63b6b0e25069d7bf6c34b9476734f02abd297b9ceff874b4066
Size: 161KB
Sample: 210227-q7wvd71xtn
MD5: ce447585e81263cccbcec570fc6591e6
SHA1: a3d28ca0d6c03065f1a7f7445657c55d032c800b
SHA256: 7147771c3d2ba63b6b0e25069d7bf6c34b9476734f02abd297b9ceff874b4066
SHA512: 4fe252da693ec083863acbcbd1ca7797b46302cd18d5e1fea73b72f7c90f3819936f4108d229ac485be5b8da2a9d655f2a4dfb8f32ade82e342e52f0073f2690
Static task: static1
Behavioral task: behavioral1
Sample: 7147771c3d2ba63b6b0e25069d7bf6c34b9476734f02abd297b9ceff874b4066.exe
Resource: win7v20201028
Malware Config
Targets
- Deletes itself
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.