Extracted

• • Target

    96509da4c19a7242e73ae867aace3f6896d566073f893b4fc96d7f0932b31657

  • Size

    5.2MB

  • MD5

    00b9af585316df9f94e8f64bde659da0

  • SHA1

    f7115d3c578a675718497faddc372c0dddd036ba

  • SHA256

    96509da4c19a7242e73ae867aace3f6896d566073f893b4fc96d7f0932b31657

  • SHA512

    da4eb412e5e741349ad6b9dd0d67f73d45acf55113cae2ddff8b6dce7dd6a59764c1902d8e8c0ef96f9975c9aa2add14233abe204a18a0ee841c9d3a63cd54ad

  • SSDEEP

    98304:jsa4sNG78UNfaj3AvNA7zGQBpZchIPCe0s+:Qa4hNijQ+7zGQBpZchIPCe1

  Score

  7^/10

  credential_accessspywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2