General
-
Target
80d06f333ed8ddd4825a8d587dedbd16d45885b0
-
Size
288KB
-
Sample
230201-p9npaadc65
-
MD5
b96328243464bf21604da5eee040851a
-
SHA1
80d06f333ed8ddd4825a8d587dedbd16d45885b0
-
SHA256
6948edba6f7b9c858039de147b963bfb584fa8d9f51494bf380e86f89c7cebbc
-
SHA512
72519fbcce135158e6d58af649e571767fdeba904502b6c0c42fefcae02330ccde3e879346e094e7a80f729e297ddfd46db0740c94d4f5b71a698e64b32a647b
-
SSDEEP
6144:w93JUYoy7ZpOnu++xJOUoBeZJDWFLMTUYzBA2U:w9yy7POFacevELMTUSe
Malware Config
Targets
-
-
Target
Urgent Price request. P.O1672891.exe
-
Size
304KB
-
MD5
6b8c9f1aa06f8587edd290f3d0188359
-
SHA1
e893cb5944cb149f77ea53900bae972bd6c9e531
-
SHA256
91f7c342ce163fe12c018a5068f921b5b78574cf05927bb85876be8484a2c237
-
SHA512
9c170eeee18c0f41564a77056ec0cb31a87f684fec0b329e0a5586e55df0e29de2167020039689edb5009c1de62461aa49a3d067953e84e744b00e286568d641
-
SSDEEP
6144:/Ya6MvLBCyy7CpvnutlJJ0UoBeZJtKXWM/UYzBA21:/YyzBby7kvG9cexWWM/USf
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-