General
Target: 4b1ad896be5b7e954882fce34bd1072b.exe
Size: 1.2MB
Sample: 200624-tcdvrfewss
MD5: 4b1ad896be5b7e954882fce34bd1072b
SHA1: 4ecb0c52aac20465e46e46514f0e23a8bfbf83eb
SHA256: 1cc899a5fc4a3e7fe1c9d1265b60a4faf51bc1df3e4b25c088979755410fa954
SHA512: 14f107e3c824f039f1ad910363b098232bb73602b7881fdbf68494901becffe28811ff7943a6b5a1ac5b0f2f34cf4040fbe41de520587b83f1b0c398e1a44d8e
Static task: static1
Behavioral task: behavioral1
Sample: 4b1ad896be5b7e954882fce34bd1072b.exe
Resource: win7v200430
Behavioral task: behavioral2
Sample: 4b1ad896be5b7e954882fce34bd1072b.exe
Resource: win10v200430
Malware Config
Targets
Target: 4b1ad896be5b7e954882fce34bd1072b.exe
Adds Run entry to policy start application
Reads user/profile data of web browsers: Infostealers often target stored browser data, which can include saved credentials etc.
Adds Run entry to start application
Suspicious use of SetThreadContext