General

Target: action_2.0.8.9.vir
Size: 380KB
Sample: 200719-z55hg5mj5j
MD5: 11b3ae60c845189bbec476f762476e69
SHA1: 28461e56f09813363ccc1fa686e48938afde7ec4
SHA256: b6f0422e0ce7fd8f2ad23bc2ff2fab72b331e252810ce7a4582217a3bea32c67
SHA512: 4b235b560f0cd9d011017aec3ccbe5636a3c78905ecc401403ec2e01db809bfa3c4ecf973615ded1b54041c7e0a572ac9e6031fd56615a3621d4a9351c40c88e

Static task: static1

Behavioral task: behavioral1
Sample: action_2.0.8.9.vir.exe
Resource: win7

Behavioral task: behavioral2
Sample: action_2.0.8.9.vir.exe
Resource: win10v200430

Malware Config
Targets
Score: 10/10

Executes dropped EXE

Modifies WinLogon to allow AutoLogon
Enables rebooting of the machine without requiring login credentials.

Stops running service(s)

Deletes itself

Loads dropped DLL

Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.

Adds Run key to start application