General
-
Target
lagstress.exe
-
Size
1.3MB
-
Sample
210306-13cfyd3pex
-
MD5
ded9a9e5aa1f2e772f5d81a984743af6
-
SHA1
a96333fc84cdd824fb7b4176ee3441c4d9d4f3c6
-
SHA256
045ce5f3e750d27127ac6dd5683533b1e42748c7cb47a38a06a42f7f1dfb15d7
-
SHA512
fc8f9dd8a9abf79d81cb792aa8397b58de5f7fae671b7bd742f68d449096b955172419a96d95876c20ab5cb04faadf4bc96852157cc253b292f6e0adf17dde77
Static task
static1
Behavioral task
behavioral1
Sample
lagstress.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
lagstress.exe
-
Size
1.3MB
-
MD5
ded9a9e5aa1f2e772f5d81a984743af6
-
SHA1
a96333fc84cdd824fb7b4176ee3441c4d9d4f3c6
-
SHA256
045ce5f3e750d27127ac6dd5683533b1e42748c7cb47a38a06a42f7f1dfb15d7
-
SHA512
fc8f9dd8a9abf79d81cb792aa8397b58de5f7fae671b7bd742f68d449096b955172419a96d95876c20ab5cb04faadf4bc96852157cc253b292f6e0adf17dde77
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-