General

  • Target

    f97f3db8f7f79895b863f3f144e8df5e19da23035e067f32beed003ba6c115d1

  • Size

    1.9MB

  • Sample

    210228-sbz5ceh4ws

  • MD5

    3f79e71d64c7ee0acf4ead0466968bdb

  • SHA1

    715bdd824d928f000533d0fcd1c84c0fca424077

  • SHA256

    f97f3db8f7f79895b863f3f144e8df5e19da23035e067f32beed003ba6c115d1

  • SHA512

    811b87ad0af43e654634c77e360b2015b112abce0f279bbfacce8e3e865a7f2c53a9e1f836677327001afa7a7194124c2d5f815ec9263fdb6f88a021b58c6264

Score
8/10

Malware Config

Targets

    • VMProtect packed file

      Detects executables packed with the commercial VMProtect packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar profile data.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Credential Access: Credentials in Files (T1081), 1 hit

  • Collection: Data from Local System (T1005), 1 hit

Tasks