Extracted

• • Target

    35f5954ec7dcb7b68924afeeaf9be3d1.exe

  • Size

    391KB

  • MD5

    35f5954ec7dcb7b68924afeeaf9be3d1

  • SHA1

    1ba3d62afaf21e8f6aa7ae0cb0fc24c94c102f05

  • SHA256

    ca47ef826dd05e2b640dd799c6381c1606df996da5f4e8a0c66f785eacc558a8

  • SHA512

    92ab0903a919d1dd769c622393e5a2a5d56c78987c86f943a19b0e5dd200b5063d86e4e79dc0f209e095bf19fd44453c418a18b4f37bcc3eb2d58cc905457ec9

  • SSDEEP

    6144:cW3mkqlxrNBKiU6893YBwq3xj4/XjT7d6srMQW+bXvd0GsuFC1OlbPVdWnKfX:Lmk8TZUloBPsPj4KN/d0ouh

  Score

  7^/10

  discoveryspywarestealer

  • Reads local data of messenger clients

    Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2