General
-
Target
2fa857766a51190a35c523d1e668c419
-
Size
597KB
-
Sample
231231-kqzvzseeh8
-
MD5
2fa857766a51190a35c523d1e668c419
-
SHA1
a03a3e40fea2601e2b745b6d111d8b50384f1bd5
-
SHA256
32635c5f985aa62687009145f91b4523b781bea2faa94f7864d2ff16ab0a14ef
-
SHA512
3c54fd2dcfce7e412b8fe2bf328b7feb22dc2eabc24b14040255b7844280c0b4e5d9860c3e244fd90e5702b51454a406039bfd4edd245ee0f530eac4ed191556
-
SSDEEP
12288:pjxXyjFxBYSk/XE+DF7ruopsW+grfBecYSDE5JVKV6m9E1/E:pjlyZxBAXdZ75CgEcfDE5kKdE
Static task
static1
Behavioral task
behavioral1
Sample
2fa857766a51190a35c523d1e668c419.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2fa857766a51190a35c523d1e668c419.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2fa857766a51190a35c523d1e668c419
-
Size
597KB
-
MD5
2fa857766a51190a35c523d1e668c419
-
SHA1
a03a3e40fea2601e2b745b6d111d8b50384f1bd5
-
SHA256
32635c5f985aa62687009145f91b4523b781bea2faa94f7864d2ff16ab0a14ef
-
SHA512
3c54fd2dcfce7e412b8fe2bf328b7feb22dc2eabc24b14040255b7844280c0b4e5d9860c3e244fd90e5702b51454a406039bfd4edd245ee0f530eac4ed191556
-
SSDEEP
12288:pjxXyjFxBYSk/XE+DF7ruopsW+grfBecYSDE5JVKV6m9E1/E:pjlyZxBAXdZ75CgEcfDE5kKdE
-
A310logger
A310 Logger is a .NET stealer/logger targeting passwords from browsers and email clients.
-
Detect ZGRat V1
-
StormKitty payload
-
A310logger Executable
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Looks up geolocation information via web service
Uses a legitimate geolocation service to find the infected system's geolocation info.
-
Suspicious use of SetThreadContext
-