Overview

overview

10

Static

static

quotation ...if.exe

windows7_x64

1

quotation ...if.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    quotation (HY20 PP .pif

  • Size

    1.2MB

  • Sample

    210817-s3rhxb45d2

  • MD5

    60d4e7791158258a1c7a50570021acb3

  • SHA1

    107cbdad79622f6112f4d5eaa2319ea85fa97a9f

  • SHA256

    5376e7e271739ec94123ba33b4061ace8309950174746e962c8bade29b571984

  • SHA512

    6f8f6ad7ea17b8b4af31c013ee14272b2cdd6babf5c7775adbeccd9c9fb047a55ab75d8a46d69efc7826909d367ed9558aacf9195e2cf29a3eccbb71101902ce

Score
10/10
a310loggerspywarestealer

Malware Config

Targets

    • Target

      quotation (HY20 PP .pif

    • Size

      1.2MB

    • MD5

      60d4e7791158258a1c7a50570021acb3

    • SHA1

      107cbdad79622f6112f4d5eaa2319ea85fa97a9f

    • SHA256

      5376e7e271739ec94123ba33b4061ace8309950174746e962c8bade29b571984

    • SHA512

      6f8f6ad7ea17b8b4af31c013ee14272b2cdd6babf5c7775adbeccd9c9fb047a55ab75d8a46d69efc7826909d367ed9558aacf9195e2cf29a3eccbb71101902ce

    Score
    10/10
    a310loggerspywarestealer

    • A310logger

      A310 Logger is a .NET stealer/logger targeting passwords from browsers and email clients.

      stealerspywarea310logger

    • A310logger Executable

    • Executes dropped EXE

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks