General
-
Target
43ccbf07bb810d3af85269c501db749ee8c59115e05c51f4a2836b12f7db5af3.exe
-
Size
161KB
-
Sample
210227-x2gaacfp6j
-
MD5
01f13d6540c9e0e08082ef834a019120
-
SHA1
ff0215a1977fbc2da37ec51b68b90696109af7b6
-
SHA256
43ccbf07bb810d3af85269c501db749ee8c59115e05c51f4a2836b12f7db5af3
-
SHA512
b2caf40a0b1109221d14ae8e141e28336741eccf69dee696e030d35e356f313b16931769c0cd79c25d26049b73ada4488d0565ad876588bdf4f1bcb9deda7ceb
Static task
static1
Behavioral task
behavioral1
Sample
43ccbf07bb810d3af85269c501db749ee8c59115e05c51f4a2836b12f7db5af3.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
43ccbf07bb810d3af85269c501db749ee8c59115e05c51f4a2836b12f7db5af3.exe
-
Size
161KB
-
MD5
01f13d6540c9e0e08082ef834a019120
-
SHA1
ff0215a1977fbc2da37ec51b68b90696109af7b6
-
SHA256
43ccbf07bb810d3af85269c501db749ee8c59115e05c51f4a2836b12f7db5af3
-
SHA512
b2caf40a0b1109221d14ae8e141e28336741eccf69dee696e030d35e356f313b16931769c0cd79c25d26049b73ada4488d0565ad876588bdf4f1bcb9deda7ceb
-
Deletes itself
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-