General
-
Target
a48efe002e755fc23f7275abd4ce400b.exe
-
Size
303KB
-
Sample
200630-zk8tddp9ex
-
MD5
a48efe002e755fc23f7275abd4ce400b
-
SHA1
7cb214b2dc8b861e6ee26ac120e494d43035813b
-
SHA256
bf9fd5adc66ebd40de81eda76543a9b798ad480aab0d0316e7d13a6d51525816
-
SHA512
7b8bea89127a5584792e90de20fa8b72867065a3394c4f8065a312e9b273611a3d362c420ea1ea3210d523131e740bcdf7de7a847afba60d6dc98f58e70e178a
Static task
static1
Behavioral task
behavioral1
Sample
a48efe002e755fc23f7275abd4ce400b.exe
Resource
win7
Behavioral task
behavioral2
Sample
a48efe002e755fc23f7275abd4ce400b.exe
Resource
win10v200430
Malware Config
Targets
-
-
Target
a48efe002e755fc23f7275abd4ce400b.exe
-
Adds Run entry to policy start application
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials, among other things.
-
Suspicious use of SetThreadContext
-