General
-
Target
b3feec059ff8a39d9ff93a950a3e1e1da7b464097db715a3e47e4284f3f21191
-
Size
97KB
-
Sample
210227-srfag3e23s
-
MD5
7a5aec4c4616290073aaf42664c434d9
-
SHA1
5614b6864f5be342223c13817558b872ea402596
-
SHA256
b3feec059ff8a39d9ff93a950a3e1e1da7b464097db715a3e47e4284f3f21191
-
SHA512
7e57773210573d4656c5802871091b395b5042ee306e8c9df95df3639536f8d3d0e1dc146dead82a47d0db2ced4d51961d656ee28524e041cf3b5eef5e809a0a
Static task
static1
Behavioral task
behavioral1
Sample
b3feec059ff8a39d9ff93a950a3e1e1da7b464097db715a3e47e4284f3f21191.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
b3feec059ff8a39d9ff93a950a3e1e1da7b464097db715a3e47e4284f3f21191
-
Size
97KB
-
MD5
7a5aec4c4616290073aaf42664c434d9
-
SHA1
5614b6864f5be342223c13817558b872ea402596
-
SHA256
b3feec059ff8a39d9ff93a950a3e1e1da7b464097db715a3e47e4284f3f21191
-
SHA512
7e57773210573d4656c5802871091b395b5042ee306e8c9df95df3639536f8d3d0e1dc146dead82a47d0db2ced4d51961d656ee28524e041cf3b5eef5e809a0a
-
Deletes itself
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-