General
-
Target
grabbot_0.1.5.5.vir
-
Size
361KB
-
Sample
200719-byh61sk3yx
-
MD5
7ec0decf55d3ce9bf112ca4bdcb7db02
-
SHA1
a7e40979878f0afb813a429f3d644cebe257740e
-
SHA256
f92625cc11494c0c5d265ed331354338c45c05658323cfae8ff4a8099351ae05
-
SHA512
81cc2986d1c2f1f395e78f772c92ae4cd8253ba365a73433ce61615d02349f652530704c76bd046ebf135615ef5fcf727aea4d42cffded511312d541bfb464dc
Static task
static1
Behavioral task
behavioral1
Sample
grabbot_0.1.5.5.vir.exe
Resource
win7v200430
Behavioral task
behavioral2
Sample
grabbot_0.1.5.5.vir.exe
Resource
win10v200430
Malware Config
Targets
-
-
Target
grabbot_0.1.5.5.vir
Score
7/10
-
Deletes itself
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-