General
Target: b25d1a51f01c5d9c4f2091c5dcdcc77bca91d4fbca3c30f1c6ca64d3f7c8dd89
Size: 605KB
Sample: 210228-y7dpz3p9b6
MD5: 1578dff0667515e1f9e20fd9667b5793
SHA1: 6c18fd0b383162cb9030e4b18a27ecbacd8c34d3
SHA256: b25d1a51f01c5d9c4f2091c5dcdcc77bca91d4fbca3c30f1c6ca64d3f7c8dd89
SHA512: 0d261eb8c81bef9df5bc0812c1b9e77d8f0728c891bc9e9ffcfd8df89733cff0e2b581891a6e6da05d068d26353ff0992056a2c0198cf484d3050e5e6e534004
Static task: static1
Behavioral task: behavioral1
Sample: b25d1a51f01c5d9c4f2091c5dcdcc77bca91d4fbca3c30f1c6ca64d3f7c8dd89.exe
Resource: win7v20201028
Malware Config
Targets
Target: b25d1a51f01c5d9c4f2091c5dcdcc77bca91d4fbca3c30f1c6ca64d3f7c8dd89
Executes dropped EXE

Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials, etc.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.