General
Target: 69fa6aa34cf0ae63c618d3dc67f123f2bcc2e4e21f28caf45f799206beebfff0
Size: 2MB
Sample: 210302-36q4he8zln
MD5: e2ff2b8181e08ad9638e802775cac4a6
SHA1: 2f4a054b49bd2550ae927f85e02292277e9f24b9
SHA256: 69fa6aa34cf0ae63c618d3dc67f123f2bcc2e4e21f28caf45f799206beebfff0
SHA512: 00515c0c873edee75118f5be067a954743924307d7be87a2787f2044d4783561ea96ae4fdf12983e8dbe6dd473c5961f44af3d6b3882ad6b4acc8c22c014d544
Static task: static1
Behavioral task: behavioral1
Sample: 69fa6aa34cf0ae63c618d3dc67f123f2bcc2e4e21f28caf45f799206beebfff0.exe
Resource: win7v20201028
Malware Config
Targets
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-