General
-
Target
grabbot_0.1.5.6.vir
-
Size
272KB
-
Sample
200719-6jt1jh5ces
-
MD5
6ce43ef9a666503ac85cbb5d48bd75ba
-
SHA1
7dc3a3f882c2e558ecb298104b2a437afb7ab5ca
-
SHA256
285361e7099454daec2fce73cd72a01bc7d5edc81fb4f0698a9c20a775fb9c84
-
SHA512
b1da8b8090be41b3b1240d8f13176bec1f85fba142e2d256772a615982db754525827accadc5049990ccb636e0de19486c796ba6b77bd547c87fc6704b3e64e8
Static task
static1
Behavioral task
behavioral1
Sample
grabbot_0.1.5.6.vir.exe
Resource
win7
Behavioral task
behavioral2
Sample
grabbot_0.1.5.6.vir.exe
Resource
win10v200430
Malware Config
Targets
-
-
Target
grabbot_0.1.5.6.vir
-
Size
272KB
-
MD5
6ce43ef9a666503ac85cbb5d48bd75ba
-
SHA1
7dc3a3f882c2e558ecb298104b2a437afb7ab5ca
-
SHA256
285361e7099454daec2fce73cd72a01bc7d5edc81fb4f0698a9c20a775fb9c84
-
SHA512
b1da8b8090be41b3b1240d8f13176bec1f85fba142e2d256772a615982db754525827accadc5049990ccb636e0de19486c796ba6b77bd547c87fc6704b3e64e8
Score7/10-
Deletes itself
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-