General
-
Target
grabbot_0.1.5.2.vir
-
Size
340KB
-
Sample
200719-e8xp75vr1j
-
MD5
d02f1ff60b9dc441a5fabf9057ba4560
-
SHA1
dc2ea1f7c1b6b5ea6998bcc6f0db745a5531bc43
-
SHA256
42037b4a472ddd39a76b92eb5eadddf373bfffe0d9166996ae6224a0363bc9d3
-
SHA512
4c5f049c5c69580053b7eeb970e5cc976f1f55ebc37890176480a68f6e375fdaee05a5398a1ac5a950eae93318c1a08dda16b5aa3c66364066c422e5c272fef5
Static task
static1
Behavioral task
behavioral1
Sample
grabbot_0.1.5.2.vir.exe
Resource
win7
Behavioral task
behavioral2
Sample
grabbot_0.1.5.2.vir.exe
Resource
win10
Malware Config
Targets
-
-
Target
grabbot_0.1.5.2.vir
Score
7/10
-
Deletes itself
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-