Extracted

• • Target

    0x00070000000126ff-73.dat

  • Size

    217KB

  • MD5

    2346a0361ae3c517d6f0d2df582297f6

  • SHA1

    3828ea4c1eced88f09cc817cdc150101db9a8599

  • SHA256

    57ea0fcab12d9dd2ac739dab7662c1cc94402a86ee898838a95ef03eb7e2557f

  • SHA512

    81b9376a2c315362deb8315229334c999aed92636d5bc47324315be18b63edbcc792d270a04f709ead5b047dee55ba7237c2349aa502bb3bb63dbba2379e1494

  • SSDEEP

    3072:9nyjGla89N/Gbaq6ZYmvWAyaHmUKrTdArHH2PxdPErn+OKtQEFFjizcyO:9Cs3/acOoaTUITdWHQdMJoPjacy

  Score

  7^/10

  collectionspywarestealer

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2