General
-
Target
PO# PO2021020371N.exe
-
Size
291KB
-
Sample
210301-gd2tktxrs2
-
MD5
ce29efcf5510c0a9dcb38f62d50a5e8b
-
SHA1
eb9a28d284303663ab5bbbab9e8cc7db88cf7a2f
-
SHA256
9bec30afd640d68be28fef4e6b5abcc14d90b2c7293d7709619b8f9b9e685b7e
-
SHA512
dee3945c894c586f1a4d42581796e1ce257cc5ec8a98368de391d664328ac7318163aff9edcd5eac9b9ab4c3b3407c2448add2d07b3863a74f513bf0541a77aa
Static task
static1
Behavioral task
behavioral1
Sample
PO# PO2021020371N.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
PO# PO2021020371N.exe
-
Size
291KB
-
MD5
ce29efcf5510c0a9dcb38f62d50a5e8b
-
SHA1
eb9a28d284303663ab5bbbab9e8cc7db88cf7a2f
-
SHA256
9bec30afd640d68be28fef4e6b5abcc14d90b2c7293d7709619b8f9b9e685b7e
-
SHA512
dee3945c894c586f1a4d42581796e1ce257cc5ec8a98368de391d664328ac7318163aff9edcd5eac9b9ab4c3b3407c2448add2d07b3863a74f513bf0541a77aa
Score10/10-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-