General
Target: 9bf20509ce5be3d8dd7afed314d9739a5a4e241bab4a6e3b8946f8b3a88c3ce9
Size: 592KB
Sample: 210301-8m6kdvcqks
MD5: c638e8327f9bbf1b0acadfc1a7a3cdd0
SHA1: 57e822f7ea9c96d9e6997cb7fe85b7f279c6e810
SHA256: 9bf20509ce5be3d8dd7afed314d9739a5a4e241bab4a6e3b8946f8b3a88c3ce9
SHA512: 3f9549e95582cd3ab77694f292abf38d26f2dddce322cd1325c480e436a467fe939aa2478d4eeb655ffce3be7a961b1471fbeac53bc492b9d02253142ac3a497
Static task: static1
Behavioral task: behavioral1
Sample: 9bf20509ce5be3d8dd7afed314d9739a5a4e241bab4a6e3b8946f8b3a88c3ce9.exe
Resource: win7v20201028
Malware Config
Targets
Target: 9bf20509ce5be3d8dd7afed314d9739a5a4e241bab4a6e3b8946f8b3a88c3ce9
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.

Accesses cryptocurrency files/wallets, possible credential harvesting

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.