General
-
Target
S00136402127536662.exe
-
Size
588KB
-
Sample
211028-rezjeagean
-
MD5
1aad026baeaab0069ec257c151924481
-
SHA1
e5f45813bb9baba4050bd3648851336470413f74
-
SHA256
072285efab7216ad4a718dfc4208984dd2726c5357e71e5a9aac8ae7470b21d5
-
SHA512
44636d5d298c5fab28a4fce3b765bb81809f8894fbec07a81890b5357361089a6fdbe164fa3c48db5b73390b8877e20c08568adf7958ba6bad0cb6d9e13b2198
Malware Config
Targets
-
-
Target
S00136402127536662.exe
-
Size
588KB
-
MD5
1aad026baeaab0069ec257c151924481
-
SHA1
e5f45813bb9baba4050bd3648851336470413f74
-
SHA256
072285efab7216ad4a718dfc4208984dd2726c5357e71e5a9aac8ae7470b21d5
-
SHA512
44636d5d298c5fab28a4fce3b765bb81809f8894fbec07a81890b5357361089a6fdbe164fa3c48db5b73390b8877e20c08568adf7958ba6bad0cb6d9e13b2198
Score10/10-
A310logger
A310 Logger is a .NET stealer/logger targeting passwords from browsers and email clients.
-
suricata: ET MALWARE a310Logger Stealer Exfil (SMTP)
suricata: ET MALWARE a310Logger Stealer Exfil (SMTP)
-
A310logger Executable
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-