General

  • Target

    PO_2020-JANUGHU.exe

  • Size

    804KB

  • Sample

    200708-l1qfaf4m9x

  • MD5

    67c9976e236f532d67bfc92b7ce96d77

  • SHA1

    31a1f3dbeed7e359ad0115eb133aa348383a4f5b

  • SHA256

    b8fb24fed506f2b66406af4f29a8a0522564d337d9f374c3936b369e10a69437

  • SHA512

    1c3e24e34653f0f2497da7c8971b242e2d560d61d7b38626eaa4cc1ddcb655fe1fdc16eabab7197e03c9d35118e6e3e746a6166ae7949d1ab419c78b22be8f68

Score
7/10

Malware Config

Targets

    • Target

      PO_2020-JANUGHU.exe

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Adds Run entry to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks