General
-
Target
aa250511bf99e715a6b37fc643f355d8.exe
-
Size
500KB
-
Sample
200630-86qtcwhn1s
-
MD5
aa250511bf99e715a6b37fc643f355d8
-
SHA1
4ee5f574ed4c49a269d257e353baf736e50210d2
-
SHA256
fd512bcb35f6f9b41f33ec961e46e3b80a774d8038a03abb1b693064a84f8f1a
-
SHA512
c1df88c46297ddd410dbcc874f6c43c396650e5e596e1fd246aea22ec2a2a4f8553ebed4a24a5aae511f082d8c5343c0511389c945d7eb4effcd190b66b014b9
Static task
static1
Behavioral task
behavioral1
Sample
aa250511bf99e715a6b37fc643f355d8.exe
Resource
win7
Behavioral task
behavioral2
Sample
aa250511bf99e715a6b37fc643f355d8.exe
Resource
win10
Malware Config
Targets
-
Target
aa250511bf99e715a6b37fc643f355d8.exe
-
Score
7/10
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of SetThreadContext
-