General

  • Target

    5cfa1fed22afea4f588fb39b07e79162e0609d4fb373938c389838cb7d4c8e53

  • Size

    443KB

  • Sample

    210910-ak16racbal

  • MD5

    c86557dd0977ce8e1f08833e66a8b936

  • SHA1

    a7687e32ffecb5f07c69dee079a4358e199ce2a2

  • SHA256

    5cfa1fed22afea4f588fb39b07e79162e0609d4fb373938c389838cb7d4c8e53

  • SHA512

    df1818e46735ceada44111773f6da109d7e87d16b1c23c12040eb1a4086221e242228b44b8bb35949ed2fcabe046acb339f3fd43d75b95468a3a0cc636de8e2b

Score
10/10

Malware Config

Extracted

Family

matiex

C2

https://api.telegram.org/bot1991392003:AAHzRtWMJAdOBNm-2wzcD6C4WmhSe-UKP6s/sendMessage?chat_id=1120598411

Targets

    • Target

      5cfa1fed22afea4f588fb39b07e79162e0609d4fb373938c389838cb7d4c8e53

    • Size

      443KB

    • MD5

      c86557dd0977ce8e1f08833e66a8b936

    • SHA1

      a7687e32ffecb5f07c69dee079a4358e199ce2a2

    • SHA256

      5cfa1fed22afea4f588fb39b07e79162e0609d4fb373938c389838cb7d4c8e53

    • SHA512

      df1818e46735ceada44111773f6da109d7e87d16b1c23c12040eb1a4086221e242228b44b8bb35949ed2fcabe046acb339f3fd43d75b95468a3a0cc636de8e2b

    Score
    7/10
    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, where infostealers often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks