DmaUp3.exe

Description

(Kaspersky) The module collects information about current system which includes the following: • Network adapter MAC address • CPU Name and Identifier • System default codepage • Windows OS and Service Pack versions • Hostname and IP address • Local user name • Cached passwords for Internet Explorer 6/7/8/9 (Protected Storage and IntelliForms) • Mozilla Firefox stored secrets (<12.0) • Chrome stored secrets • MS Outlook Express accounts • MS Windows Mail accounts • MS Windows Live Mail accounts • MS Outlook accounts (SMTP/IMAP/POP3/HTTP) • MSN Messenger • Gmail Nofifier credentials • Google Desktop accounts • Google Talk accounts

If the module reveals that current System default codepage is 0412 (Korean) it terminates.

Names

Name
DmaUp3.exe

Type

Reconnaissance
Credential stealer

Information

https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/08070901/darkhotelappendixindicators_kl.pdf

Other Information

Uuid

c4e969d2-f993-4a23-8cc9-7b117f14182e

Last Card Change

2020-04-20

Threat Intelligence Garden

Explorer

DmaUp3.exe

DmaUp3.exe

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks