General
Target: 2d9788648b02d198623fcd299ff6b1853759f1bf026e5d47a5ee83b7e5a7791d
Size: 453KB
Sample: 200624-w769wqz78x
MD5: 59f1f5348151b176018bd54b53798ab1
SHA1: 91d59f9c6cc1d757b58af475f4d51386eff1177d
SHA256: 2d9788648b02d198623fcd299ff6b1853759f1bf026e5d47a5ee83b7e5a7791d
SHA512: 8afbbedc1be5839cc044009eef51d7161d7dc207f9755ae04d83c54b30c14bef810ee002450475dd47bb193772fe4afa61d25cad831ed713e374a624243a1acc
Static task: static1
Behavioral task: behavioral1
  Sample: 2d9788648b02d198623fcd299ff6b1853759f1bf026e5d47a5ee83b7e5a7791d.exe
  Resource: win7
Behavioral task: behavioral2
  Sample: 2d9788648b02d198623fcd299ff6b1853759f1bf026e5d47a5ee83b7e5a7791d.exe
  Resource: win10
Malware Config
Targets
Target: 2d9788648b02d198623fcd299ff6b1853759f1bf026e5d47a5ee83b7e5a7791d
Score: 8/10
Signatures
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials and other sensitive information.
- Adds Run entry to start application
- Suspicious use of SetThreadContext