Overview

overview

10

Static

static

RFQ k Peik...df.exe

windows7_x64

10

RFQ k Peik...df.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    RFQ k Peikko proposal,pdf.exe

  • Size

    1.0MB

  • Sample

    210809-gz1bcktdte

  • MD5

    b44f95c332073b28fe95157f470f8f2a

  • SHA1

    ab9265412559d4992d540aa11f05d73e4f544374

  • SHA256

    fdb6b5f3b83553b83111bd61152a4c4bd29996d778d6c118f52f01abd9435fe5

  • SHA512

    25bd35d5bd9d233d9f0bc21afa1af51c2326a252d3afe16f65a22f17ec85bd7a73529b24f4408d20aa0aec84dc79339574f4e57f1876f480bbb6b23cc5aa8f4d

Score
10/10
a310loggerspywarestealer

Malware Config

Targets

    • Target

      RFQ k Peikko proposal,pdf.exe

    • Size

      1.0MB

    • MD5

      b44f95c332073b28fe95157f470f8f2a

    • SHA1

      ab9265412559d4992d540aa11f05d73e4f544374

    • SHA256

      fdb6b5f3b83553b83111bd61152a4c4bd29996d778d6c118f52f01abd9435fe5

    • SHA512

      25bd35d5bd9d233d9f0bc21afa1af51c2326a252d3afe16f65a22f17ec85bd7a73529b24f4408d20aa0aec84dc79339574f4e57f1876f480bbb6b23cc5aa8f4d

    Score
    10/10
    a310loggerspywarestealer

    • A310logger

      A310 Logger is a .NET stealer/logger targeting passwords from browsers and email clients.

      stealerspywarea310logger

    • A310logger Executable

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

      spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks