General
Target: Crypted/Nf.eletronica.zip
Size: 287KB
Sample: 210303-tgrwwnb51x
MD5: 8620a041826d560f81bfeb903b6bf266
SHA1: 097c3631e1cfe320c92ad48360bc94562935b120
SHA256: 7b3f6ba3d8014a27e5d42a7bfee09fb5ba0320bd07aef90b7c7cf0162568c296
SHA512: 7b2ec0b0497316e0a62974140e2e7584aaf566ded19b480e621074f54b275a6c8797bd8fd56ff30028869b23288524311465638afd58478c6990c629c80f2bdb
Static task: static1
Behavioral task: behavioral1
Sample: -.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: -.exe
Resource: win10v20201028
Behavioral task: behavioral3
Sample: Nf.e_pt.exe
Resource: win7v20201028
Behavioral task: behavioral4
Sample: Nf.e_pt.exe
Resource: win10v20201028
Malware Config
Targets
Target: -
Size: 278KB
MD5: 3f43374d0862425c4894da8a4ea9c7f2
SHA1: 7b6fd6ad2a57578b2012108880bf89afd315ea9c
SHA256: 5066020c9801057b9e6e6e5ced5ef8d35854cb58118e4aae55d7d3b532ebcecd
SHA512: e4765241eda5f1eb5d479e8c2c0497a8c59f70b815f864955846d68160aebcf165e15d52751dc7cf99d5ac203f15d493940daf478a2e5346b09f1beddefceec9
Executes dropped EXE
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Target: Nf.e_pt.exe
Size: 422KB
MD5: 01d61a3376eca9bb3ff9b18c36eac0dc
SHA1: 2d96fe726cfac17aa48312ba6f50782b354c2d55
SHA256: c6478564314b23b2262c6e258cc6792fd7907f9253267571659e778dbd4491cc
SHA512: 52a9f5168cfabc89e4546e185607002b294d334e1b4bc06f37fee47970213c98d45f2131155eb2883aa3611b1658760f46bbd72fa95cd044dce0e61233a94646
Score: 1/10