General
-
Target
159d5fc953b4f50ba36c98edd6fd6c81.bin
-
Size
596KB
-
Sample
230818-bc995aga3x
-
MD5
3f593e7b450a796f2512cc69ba2f10ac
-
SHA1
d0c00228524a025d1f32fef146ee856fbb7bb2ed
-
SHA256
77b06750d70242fa640de1f435856192c73f09996d4bc944809ea5966ae299ba
-
SHA512
c0607dc9471eb7fc3104ec772fb6eb441d1ddc7cc06d851b7d95f22459ae9a5b435223b81e4ee9781c23c1d845df81de188696f1ce79f8513f07f8140c23ceb6
-
SSDEEP
12288:wuVMxUkshG154tbeh1Fq/DcxP9UVmct30mPJi7ulxYsqvA:wwMuk+G154tbehDHxVwbEcEql+nA
Malware Config
Targets
-
-
Target
e1d2116fbcb690a0b015961eb71ff0a942601170a3371dab1c65f965861bf6f3.bin
-
Size
620KB
-
MD5
159d5fc953b4f50ba36c98edd6fd6c81
-
SHA1
ee0a0d42ea26dab26f9e71483f5e6537e74934a6
-
SHA256
e1d2116fbcb690a0b015961eb71ff0a942601170a3371dab1c65f965861bf6f3
-
SHA512
10a54fa8bbedb0136d7e8748c93b121ea5a8dc1dbf1fbc4e6d5a76c5637c59b9853b6144ee79fe4454b430eeb4fef52a8d73a590db14533ae8bf3c2f6fabb952
-
SSDEEP
12288:v0Dl+C42xjWYXEsWYGzxfk+PdnBGFaSj29jwX9np3BkA+5CTXgJT1HLE+tki:gTXwY6xH1nu+wXrBkA+5eQJTVLE+t
Score7/10-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of SetThreadContext
-