General
-
Target
RFQ k Peikko proposal,pdf.exe
-
Size
1.0MB
-
Sample
210809-gz1bcktdte
-
MD5
b44f95c332073b28fe95157f470f8f2a
-
SHA1
ab9265412559d4992d540aa11f05d73e4f544374
-
SHA256
fdb6b5f3b83553b83111bd61152a4c4bd29996d778d6c118f52f01abd9435fe5
-
SHA512
25bd35d5bd9d233d9f0bc21afa1af51c2326a252d3afe16f65a22f17ec85bd7a73529b24f4408d20aa0aec84dc79339574f4e57f1876f480bbb6b23cc5aa8f4d
Malware Config
Targets
-
-
Target
RFQ k Peikko proposal,pdf.exe
-
Size
1.0MB
-
MD5
b44f95c332073b28fe95157f470f8f2a
-
SHA1
ab9265412559d4992d540aa11f05d73e4f544374
-
SHA256
fdb6b5f3b83553b83111bd61152a4c4bd29996d778d6c118f52f01abd9435fe5
-
SHA512
25bd35d5bd9d233d9f0bc21afa1af51c2326a252d3afe16f65a22f17ec85bd7a73529b24f4408d20aa0aec84dc79339574f4e57f1876f480bbb6b23cc5aa8f4d
Score10/10-
A310logger
A310 Logger is a .NET stealer/logger targeting passwords from browsers and email clients.
-
A310logger Executable
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-