General
-
Target
6f03ff2d346e59f0e9d9e51569b08fba6c610e7c82fd92719866124bd512054f
-
Size
1.0MB
-
Sample
220625-gcar6agbaq
-
MD5
4b94597bc7d13ead3ba618bd7bc222f9
-
SHA1
d25fdd088c5bcacb93056821a52502b47b03e4e3
-
SHA256
6f03ff2d346e59f0e9d9e51569b08fba6c610e7c82fd92719866124bd512054f
-
SHA512
6c638efba643a013793dfa0b9b1700d7181a1b47c11796f6bb463a22400625e09d522edf16fc37f4534faea6a34dbeb4592794343d8f3f8f09de55e46191c7dd
Static task
static1
Behavioral task
behavioral1
Sample
6f03ff2d346e59f0e9d9e51569b08fba6c610e7c82fd92719866124bd512054f.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
6f03ff2d346e59f0e9d9e51569b08fba6c610e7c82fd92719866124bd512054f.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
Protocol: smtp
Host: smtp.gmail.com
Port: 587
Username: isabellsepindler3@gmail.com
Password: kakokako12345
Targets
-
-
Target
6f03ff2d346e59f0e9d9e51569b08fba6c610e7c82fd92719866124bd512054f
Score
10/10
-
404 Keylogger Main Executable
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext