General
-
Target
invoice.exe
-
Size
1.4MB
-
Sample
200624-fwjqr8b39s
-
MD5
1a30d83d1156f6200e3dd29ca1735d6a
-
SHA1
79ab05d77a09b5c1ac7675d68061b7536027de1d
-
SHA256
5fcfcf6dd699c3647f4b79475da5ee9fd44126aabb1edc6e7bd88976a9abc39f
-
SHA512
1924985b5a0dbddec842d37d87714237fad8f5920a00994378c941bcbbbf71bacfce0b5da334ae36a870233aba4638b4755a69b19311378534351db753221d87
Static task
static1
Behavioral task
behavioral1
Sample
invoice.exe
Resource
win7
Behavioral task
behavioral2
Sample
invoice.exe
Resource
win10
Malware Config
Targets
-
-
Target
invoice.exe
-
Size
1.4MB
-
MD5
1a30d83d1156f6200e3dd29ca1735d6a
-
SHA1
79ab05d77a09b5c1ac7675d68061b7536027de1d
-
SHA256
5fcfcf6dd699c3647f4b79475da5ee9fd44126aabb1edc6e7bd88976a9abc39f
-
SHA512
1924985b5a0dbddec842d37d87714237fad8f5920a00994378c941bcbbbf71bacfce0b5da334ae36a870233aba4638b4755a69b19311378534351db753221d87
Score7/10-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of SetThreadContext
-