Extracted

• • Target

    c082872bd694dee488eef8dc244aeb824e39699655ad3b591e4a7cfa7f8dd0a9

  • Size

    325KB

  • MD5

    50ea2d1941b4c8748787e2a927144d4c

  • SHA1

    cda452d41ad7495200fc2feda9d591ada4c00f29

  • SHA256

    c082872bd694dee488eef8dc244aeb824e39699655ad3b591e4a7cfa7f8dd0a9

  • SHA512

    365773f2f3afe71f0c8c4aac35d1be01af44b45a153294383f014187f5ac7ef34e5e37039524f10c6fc2d2376905a64d2aebb2cf9797854744cd931886e63817

  • SSDEEP

    6144:J8jUca5+gfpUOivRX9N79en584eesXrGMUDMnYArVRkT0rWNub:J8Yco+gunv179en24erGMUWwT8Wcb

  Score

  10^/10

  spywarestealerupx

  • Nirsoft

  • Executes dropped EXE

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  behavioral1behavioral2