General
Target: Product Specification 58 (iv) Qty 45,000 KG (CuZn 30).exe
Size: 258KB
Sample: 200630-ndh5bwhppx
MD5: 05865820025c38359bb2f51c1e6a5ce6
SHA1: 4b8c9a275dcf3992839703a95d03e3acb75ac5a5
SHA256: 37d250d71a687db0e2c094fd5932bd32a6198a94b86553580d495cbb592d0f96
SHA512: bbe6e903505611f8f769dc391485f6ed41df56ef5fde3f95eeb509b2427424f562d9bcb82fe1162a00f9762b9efa3120e431dfd655919288a3ccb4ae5deb620c
Static task: static1
Behavioral task: behavioral1
  Sample: Product Specification 58 (iv) Qty 45,000 KG (CuZn 30).exe
  Resource: win7
Behavioral task: behavioral2
  Sample: Product Specification 58 (iv) Qty 45,000 KG (CuZn 30).exe
  Resource: win10
Malware Config
Targets
Target: Product Specification 58 (iv) Qty 45,000 KG (CuZn 30).exe
Size: 258KB
MD5: 05865820025c38359bb2f51c1e6a5ce6
SHA1: 4b8c9a275dcf3992839703a95d03e3acb75ac5a5
SHA256: 37d250d71a687db0e2c094fd5932bd32a6198a94b86553580d495cbb592d0f96
SHA512: bbe6e903505611f8f769dc391485f6ed41df56ef5fde3f95eeb509b2427424f562d9bcb82fe1162a00f9762b9efa3120e431dfd655919288a3ccb4ae5deb620c
Score: 8/10
- Sets DLL path for service in the registry
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials.
- Modifies WinLogon
- Drops file in System32 directory
- Suspicious use of SetThreadContext