General
Target: qkuriw.jpg
Size: 182KB
Sample: 200731-qa1jvxt83x
MD5: 7af33570ec886974f5513b46e999b988
SHA1: 6b9e35f3131fdc4bd8ea66cd44303cb1004b2019
SHA256: da4647425789cc5a32d2719815367c8c21d2279a77a3179e609e1db9844ef15a
SHA512: 2c8cd12d2ed3f0e62358e696115d6422fa808c89dee0b9d0f157b54806d4796f84d7a7b0208a6c295cf368d777d2ad83a9908d2137842c749d6807bc926265d7
Behavioral task: behavioral1
Sample: qkuriw.jpg.exe
Resource: win7
Malware Config
Targets
Target: qkuriw.jpg
Formbook Payload
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
Suspicious use of SetThreadContext