Overview

overview

7

Static

static

pipeline.rtf

windows7_x64

7

pipeline.rtf

windows10_x64

1

Resubmissions

11-01-2022 18:05

220111-wpen7sghcq 4

04-12-2020 23:42

201204-xz87gtnn2n 7

04-12-2020 23:36

201204-9hvps4evqs 7

04-12-2020 23:30

201204-h5d4ztty4e 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    pipeline.rtf

  • Size

    85KB

  • Sample

    201204-h5d4ztty4e

  • MD5

    63604a063f6f0d2c2c9e670776e59352

  • SHA1

    a925d6b0b29d9c159772f90bc2ed7e791650b782

  • SHA256

    d6d41ff08e0a47d38fae24dc18e1d03911298e41559280dac8759bba7155494d

  • SHA512

    8174c95c11db1d3a279584b78cd9679aae9974fe5b71b2c578c4ce5c3db2658dc2eb7ffcc9d975d674cccdbddaf3dba3bbe72dd629f3fb723ab411aa63223cf1

Score
7/10
spyware

Malware Config

Targets

    • Target

      pipeline.rtf

    • Size

      85KB

    • MD5

      63604a063f6f0d2c2c9e670776e59352

    • SHA1

      a925d6b0b29d9c159772f90bc2ed7e791650b782

    • SHA256

      d6d41ff08e0a47d38fae24dc18e1d03911298e41559280dac8759bba7155494d

    • SHA512

      8174c95c11db1d3a279584b78cd9679aae9974fe5b71b2c578c4ce5c3db2658dc2eb7ffcc9d975d674cccdbddaf3dba3bbe72dd629f3fb723ab411aa63223cf1

    Score
    7/10
    spyware

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Drops Chrome extension

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Credentials in Files

1
T1081

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks