Resubmissions

03/07/2023, 17:17

230703-vtp53ahc68 10

28/05/2023, 21:27

230528-1a6llage84 7

General

  • Target

    InvictaStealer.exe

  • Size

    2.2MB

  • Sample

    230703-vtp53ahc68

  • MD5

    3cc5939fe454a7419768c909ff77e50b

  • SHA1

    01c18fd0bcecb17b843143292b8c5005c5e7b20c

  • SHA256

    3c0322fae5759334d5f37ec23abf9c12a038f298eae3665d47ca2e131a32f996

  • SHA512

    62be7426e6c27c806a71f912144865d58a5425ff8f33de3d2faf0c74ae1e07bc31f5645f46454923783a3665e456f0e584e0b284c29ec2410d88b55946d681e1

  • SSDEEP

    24576:OOfsfKozBKHAhRh3KzPSA7R7Bt28SVSVlzyQOQZ9IEb68vL4R+2pYJeCYMXABtS:PBozBdhEV7q8bOQnIFWY+3Je0wq

Malware Config

Extracted

Family

invictastealer

C2

https://discord.com/api/webhooks/1112492184659308645/Mfmegtedaz1YhufjQDp3jw5NFUrY0riVuGViHFBw06JsOGWX97qwaAJlNonVdOTTvpRx

Targets

    • Target

      InvictaStealer.exe

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data, which can include saved credentials, cookies and session tokens.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Legitimate hosting services abused for malware hosting/C2

      The extracted configuration's C2 is a Discord webhook, so stolen data is posted to a legitimate service rather than to attacker-owned infrastructure.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
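
The C2 in the extracted config is a Discord webhook and the signatures above add an external-IP lookup, so the two checks a responder wants from this report are hash matching against files on disk and triage of egress logs for the same behaviours. The block below is an added example, not code from the sandbox report or from the Invicta Stealer author: the hash values and the webhook URL are copied from this page, while the proxy log format, the log lines and the list of IP-lookup hosts are constructed assumptions for illustration.

```python
"""Turn the indicators in this report into checks a responder can run locally.

Added example: not code from the sandbox report or from the malware author. The
digests and the webhook URL are copied from the report; the proxy log lines and
the IP-lookup host list are constructed for illustration.
"""
import hashlib
import re
from urllib.parse import urlparse

# Indicators copied from the report.
IOC_HASHES = {
    "md5": "3cc5939fe454a7419768c909ff77e50b",
    "sha1": "01c18fd0bcecb17b843143292b8c5005c5e7b20c",
    "sha256": "3c0322fae5759334d5f37ec23abf9c12a038f298eae3665d47ca2e131a32f996",
}
C2_WEBHOOK = (
    "https://discord.com/api/webhooks/1112492184659308645/"
    "Mfmegtedaz1YhufjQDp3jw5NFUrY0riVuGViHFBw06JsOGWX97qwaAJlNonVdOTTvpRx"
)

# Discord webhook URLs have the shape .../api/webhooks/<id>/<token>; the token is the
# only credential needed to post, so any webhook in egress traffic is worth extracting.
WEBHOOK_RE = re.compile(
    r"https?://(?:ptb\.|canary\.)?discord(?:app)?\.com/api/webhooks/(\d+)/([A-Za-z0-9_.-]+)"
)

# Assumed watchlist: the report says an external-IP lookup service was used but does
# not name it, so these are common services chosen for the example.
IP_LOOKUP_HOSTS = {"api.ipify.org", "ipinfo.io", "ifconfig.me", "icanhazip.com", "checkip.amazonaws.com"}


def file_hashes(data: bytes) -> dict:
    """MD5/SHA1/SHA256 of a file's bytes, in the same form as IOC_HASHES."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_sample(data: bytes) -> bool:
    """True only if all three digests match the sample in this report."""
    return file_hashes(data) == IOC_HASHES


def parse_webhook(url: str):
    """Return (webhook_id, token) if the URL is a Discord webhook, else None."""
    m = WEBHOOK_RE.search(url)
    return (m.group(1), m.group(2)) if m else None


def scan_proxy_log(lines):
    """Classify proxy log lines of the assumed form "<ts> <src_ip> <method> <url> <status>"
    against the behaviours the report lists: the known C2 webhook, any other Discord
    webhook, and external-IP lookups. Returns one dict per hit, in log order."""
    known_id, known_token = parse_webhook(C2_WEBHOOK)
    hits = []
    for line_no, line in enumerate(lines, start=1):
        fields = line.split()
        if len(fields) < 5:
            continue  # malformed line: skip rather than guess
        ts, src_ip, method, url, _status = fields[:5]
        hit = {"line": line_no, "src_ip": src_ip, "ts": ts}
        parsed = parse_webhook(url)
        if parsed:
            webhook_id, token = parsed
            hit["webhook_id"] = webhook_id
            if (webhook_id, token) == (known_id, known_token):
                hit["verdict"] = "known_c2_webhook"   # exact IOC match from this report
            else:
                hit["verdict"] = "discord_webhook"    # same technique, different webhook
            hits.append(hit)
        elif urlparse(url).hostname in IP_LOOKUP_HOSTS and method == "GET":
            hit["verdict"] = "external_ip_lookup"
            hits.append(hit)
    return hits


# Constructed proxy log for the example (not from the sandbox run).
SAMPLE_PROXY_LOG = """\
2023-07-03T17:18:01Z 10.0.0.15 GET https://api.ipify.org/?format=text 200
2023-07-03T17:18:03Z 10.0.0.15 POST https://discord.com/api/webhooks/1112492184659308645/Mfmegtedaz1YhufjQDp3jw5NFUrY0riVuGViHFBw06JsOGWX97qwaAJlNonVdOTTvpRx 204
2023-07-03T17:20:11Z 10.0.0.22 POST https://discord.com/api/webhooks/999999999999999999/aBcDeFgHiJkLmNoPqRsTuVwXyZ0123456789 204
2023-07-03T17:21:45Z 10.0.0.30 GET https://www.example.com/index.html 200
2023-07-03T17:22:02Z 10.0.0.30 GET https://discord.com/channels/@me 200
""".splitlines()


if __name__ == "__main__":
    for hit in scan_proxy_log(SAMPLE_PROXY_LOG):
        print(hit)
```

Running the file prints three hits: the IP lookup and the known C2 webhook from the same host, and a second, unknown webhook from another host. The third verdict matters as much as the exact match: a stealer rebuilt with a fresh webhook has identical hashes-to-nothing but the same egress shape, and because the URL embeds the webhook token, the captured string is both an IOC and the identifier to report to the hosting service.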

MITRE ATT&CK Enterprise v6

Tasks