4cdc3612052b8c79222cfea3bd26d201.exe

General

Target: 4cdc3612052b8c79222cfea3bd26d201.exe
Size: 449KB
Sample: 201120-2dfgevlqnn
Score: 7/10
MD5: 4cdc3612052b8c79222cfea3bd26d201
SHA1: 3fd4af15b947f4f4eefc5992e1663d9029adddad
SHA256: 6e53f8abd9a57e4613e6afd1148f57dd6c7896c5c84b0ed05a8055b4e8d2fffa
SHA512: f34afabb10e0a50f2904f3695ad9ba6c2bc469b851a145a1e9123f31f74757f61f3c5893ca2b2df14c11d2c6a7ae47fba75c4e74617c4cfa86d83d684632fe39

Malware Config
Targets

Target: 4cdc3612052b8c79222cfea3bd26d201.exe (same size, score and hashes as listed under General)

Signatures

  • Deletes itself
  • Loads dropped DLL
  • Reads user/profile data of local email clients
    Description: Email clients store some user data on disk, where infostealers will often target it.
    TTPs: Data from Local System; Credentials in Files
  • Reads user/profile data of web browsers
    Description: Infostealers often target stored browser data, which can include saved credentials and similar secrets.
    TTPs: Data from Local System; Credentials in Files
  • Checks installed software on the system
    Description: Looks up Uninstall key entries in the registry to enumerate software on the system.
    TTPs: Query Registry
  • JavaScript code in executable

MITRE ATT&CK Matrix

Tactic columns: Command and Control, Credential Access, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation
Tasks

  • static1
  • behavioral1 (score 7/10)
  • behavioral2 (score 7/10)