General

  • Target

    d6aa014ba066d9408de45856524ff33aedf962ef6d9b8f280488c74563f50722.bin.sample.gz

  • Size

    263KB

  • Sample

    201205-l6y1tfebda

  • MD5

    b9395138d40dcc2870350ff8a89453bf

  • SHA1

    64390aa574a69944e80853c3b82e110ef64f3843

  • SHA256

    c424c16775dfbb087a8bd78da988e8a395f977335d1a281768f22d0ee583597c

  • SHA512

    b8422f0d1d1978c5dad6698e816428cb5fe3fe68b8a827b9bc04df91ef0b30a1465ab4d384525af8d0996f5a76e5a87416074f83bce9d44faff9fa31e36f1137

Score
7/10

Malware Config

Targets

    • Target

      sample

    • Size

      263KB

    • MD5

      93f3e9950498a238e4a3a10b308911b1

    • SHA1

      715a966fd9a134c890553762d401ce364e56c5dd

    • SHA256

      d6aa014ba066d9408de45856524ff33aedf962ef6d9b8f280488c74563f50722

    • SHA512

      8f32f61f2a89ebb13f2c9f44a5487475ce246a401853c0d0908d4d6ed0eb5756ae910d3e5194f748fd3f8333fda4d8c7171f7e09928f0f9e8f7550e03f1874ee

    Score
    7/10
    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

  • Credential Access

    Credentials in Files (T1081): 1

  • Discovery

    Query Registry (T1012): 1

    Peripheral Device Discovery (T1120): 1

    System Information Discovery (T1082): 1

  • Collection

    Data from Local System (T1005): 1