General
-
Target
750af74930c1c52f23ca84a4325a196e9893141db475f0e2751137471ba37433
-
Size
161KB
-
Sample
210227-qs4cfbcq4a
-
MD5
c6a84c99d20e2918116820c956890070
-
SHA1
11bceabfe2c7e2e96bd723aa9cc87b009836370b
-
SHA256
750af74930c1c52f23ca84a4325a196e9893141db475f0e2751137471ba37433
-
SHA512
2cd110566d57714a5f8520e612649d0320c914b7a0146f50aae2eef5c2b4832fab9bbec68f45117de5e7b5d0236c19d58ec6ca3583551495e29608193cba6c4a
Static task
static1
Behavioral task
behavioral1
Sample
750af74930c1c52f23ca84a4325a196e9893141db475f0e2751137471ba37433.exe
Resource
win7v20201028
Malware Config
Targets
-
Target
750af74930c1c52f23ca84a4325a196e9893141db475f0e2751137471ba37433
-
Deletes itself
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-