General
-
Target
c1a11ffac56b93b9c43646e9d599d349.bin
-
Size
610KB
-
Sample
230818-cg6yyagc9v
-
MD5
b38c9645c11bb7004dab3b1be55af529
-
SHA1
d552afae163b16b347617f817f4ccad70b05a2c3
-
SHA256
5ce2693299f0228f9b608183a18aa93f308113f5bea595d36492e783f8ca193a
-
SHA512
0fe4b97e7902bbd7f285dbaea8995f7ab85479219413dc55a52c8b467437850378599ff6b4880c3beb2ca1b81bb20ac1261fdaa8edf3748a3ee64948f697c832
-
SSDEEP
12288:NjVVaZhoNPslt6yqb0UbsLNYGFIP3rXRhQiZUhbAhwhW8XqCcD/Kdaeqo+R:ioNPsf9I+pJKPbhhQA0AfeqR
Malware Config
Targets
-
-
Target
460b3d8ffa0929ab9c02a94b11fe08737b1e8e3d0b9d44a8dbf7dbccc6a540c1.exe
-
Size
1.0MB
-
MD5
c1a11ffac56b93b9c43646e9d599d349
-
SHA1
a6740c3a58a25da9bd195620a9525b92f0403b73
-
SHA256
460b3d8ffa0929ab9c02a94b11fe08737b1e8e3d0b9d44a8dbf7dbccc6a540c1
-
SHA512
93207d9283bf51a878fdaadd4b7d869484d2025bf66ac4ae459e8dca6a1c9c8d1933ecf83ccf5b5f815bea4d63bb65c0d2da2ed8e4836de4cd3d542e25579c1a
-
SSDEEP
12288:TH41ItaBXEaxfSWr8gl+b1knXHrLG6Gbalk0o8KQnEIW+WY99KsojWl0q:9F68gl+b+XHrqQT2BY99Ksx0q
Score7/10-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of SetThreadContext
-