General
Target
TW200064 PO#13979 TW200301 TW200315 TW200170.exe
Size
535KB
Sample
200702-pjdq1cmjhe
MD5
3c2858806e45c62ae13e74b264ad352a
SHA1
2e226b15ba97c79bee76ecc1ee831a32be9d75c8
SHA256
c6dc66a444215d6221e09e8fd68ae3a28eacf55f8de8462fb975c235304d7c4b
SHA512
f6d7f32d622ace9bb243b1dec7b8fef6fa31a40e40d0f9b4c2271c0c02c2ab83d16bc69d0971e9937ed32667bfe0bb1981e3f0764102ca5361a4e879f9d04523
Static task
static1
Behavioral task
behavioral1
Sample
TW200064 PO#13979 TW200301 TW200315 TW200170.exe
Resource
win7
Behavioral task
behavioral2
Sample
TW200064 PO#13979 TW200301 TW200315 TW200170.exe
Resource
win10
Malware Config
Targets
Target
TW200064 PO#13979 TW200301 TW200315 TW200170.exe
Score
7/10
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
Suspicious use of SetThreadContext