General

  • Target

    300-4-0x00000000050B0000-0x0000000005136000-memory.dmp.exe

  • Size

    536KB

  • Sample

    201125-syh3ex1nna

  • MD5

    c955a9aee5daefcceb7580623ea6b12c

  • SHA1

    78b2c7eae60e70f92189f4cf8bd2697203ce3377

  • SHA256

    9190acfffc1d789884d6ba885bd257c4c1d88530449d4387df16d7876154676d

  • SHA512

    36bd2f427933b599f264a0feac5fa566e124a4bbca06bdf4dc4d7f8c6d1a427b04d2a84ca4086264bf7553e35cdefe8f27ad84157aab30267e9bd312c99d9067

Score
10/10

Malware Config

Targets

    • Target

      300-4-0x00000000050B0000-0x0000000005136000-memory.dmp.exe

    • Size

      536KB

    • MD5

      c955a9aee5daefcceb7580623ea6b12c

    • SHA1

      78b2c7eae60e70f92189f4cf8bd2697203ce3377

    • SHA256

      9190acfffc1d789884d6ba885bd257c4c1d88530449d4387df16d7876154676d

    • SHA512

      36bd2f427933b599f264a0feac5fa566e124a4bbca06bdf4dc4d7f8c6d1a427b04d2a84ca4086264bf7553e35cdefe8f27ad84157aab30267e9bd312c99d9067

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks