General
Target: b7e84af79c21fe219a0c4f0e8b0588d3970306c43e4e14df93a8ab5cbe2734e8
Size: 161KB
Sample: 210227-sqxcll1s1n
MD5: 1db3fd1a7de8f2a1f4a6c52f33e575ff
SHA1: 0edef69a35c51ffc45d05c379f76b4bf0ef6ea3c
SHA256: b7e84af79c21fe219a0c4f0e8b0588d3970306c43e4e14df93a8ab5cbe2734e8
SHA512: e2077c1e4e5bf5f54f4295930201d6910d59036f75630faf807c2dba15ee84e740be52489109adf801109431697edfd0cef72d4198a3936e5cd145b52dc3022b
Static task: static1
Behavioral task: behavioral1
Sample: b7e84af79c21fe219a0c4f0e8b0588d3970306c43e4e14df93a8ab5cbe2734e8.exe
Resource: win7v20201028
Malware Config
Targets
-
-
Target
b7e84af79c21fe219a0c4f0e8b0588d3970306c43e4e14df93a8ab5cbe2734e8
-
Deletes itself
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-