General
Target: kins_2.0.14.0.vir
Size: 240KB
Sample: 200719-pst2bdl2m2
MD5: da99ec7cfb172928a845b5116765f498
SHA1: 4298f9dd3e8ba80c05f6ab7a90001590d115918c
SHA256: f696348658a9b89041b6bf9bdc9a3ae8f3799c5beee76e42dc81f096307c7847
SHA512: 58b865fcc05432f214e2023c4bc7a63c89cdcb761046bc825a2b50cbffc153cb3c79736b9658c5327f84c14f59bbf9251edbb85ae431cd23531e259009042e3f
Static task: static1
Behavioral task: behavioral1
Sample: kins_2.0.14.0.vir.exe
Resource: win7
Malware Config
Targets
Target: kins_2.0.14.0.vir
Score: 8/10
Executes dropped EXE
Deletes itself
Loads dropped DLL
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
Adds Run key to start application
Suspicious use of SetThreadContext