68e2ff114060c1bfc6d2398b860e70b0.exe

General

Target: 68e2ff114060c1bfc6d2398b860e70b0.exe
Size: 1MB
Sample: 210408-k3g6l3zcx2
Score: 8/10
MD5: 68e2ff114060c1bfc6d2398b860e70b0
SHA1: 8540e7baf664d115f9f7020ab61d73a80773d4cb
SHA256: 207be23ccd62d0e3d9aefe12f5c2ab142a42a25b1e246e27e0ae9087c2fe96d3
SHA512: dcff2bc1df0595c1b1fbfa09a4633253d9b16ce02f9733c9982b797ff4fb7fb345219ca3780ad259ecce83ab89a5f87c861dce70dfa23ce06c9739a9861bc509

Signatures

  • Executes dropped EXE
  • Drops startup file (a file written into a Startup folder runs again at the next logon, a common persistence mechanism)
  • Loads dropped DLL
  • Reads user/profile data of web browsers
    Description: Infostealers commonly read the profile data that web browsers keep on disk, which includes saved credentials, cookies and autofill data.
    TTPs: Data from Local System (T1005); Credentials In Files (T1552.001)
  • Suspicious use of SetThreadContext (commonly seen in process hollowing, where the primary thread of a suspended process is redirected to injected code)
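The two path-based signatures above ("Reads user/profile data of web browsers" and "Drops startup file") translate directly into host-level detection logic. The following is an added example, not code from the sandbox vendor or from the report: it runs a small rule set over constructed file-activity events in a made-up "action|image|target" line format (a stand-in for Sysmon or EDR file events). The browser store locations are the real on-disk paths used by Chrome, Edge and Firefox; the process allowlist, the event lines and the file names in them are assumptions for illustration.

```python
import re
from collections import Counter

# Browser credential/cookie stores, matched against the tail of a Windows path.
# Chrome/Edge: <User Data>\<profile>\Login Data, Web Data, Cookies (newer builds: Network\Cookies)
# Firefox: <Profiles>\<profile>\logins.json, key4.db, cookies.sqlite
BROWSER_STORE_RULES = {
    "chrome": re.compile(
        r"\\Google\\Chrome\\User Data\\[^\\]+\\(?:Network\\)?(?:Login Data|Cookies|Web Data)$", re.I),
    "edge": re.compile(
        r"\\Microsoft\\Edge\\User Data\\[^\\]+\\(?:Network\\)?(?:Login Data|Cookies|Web Data)$", re.I),
    "firefox": re.compile(
        r"\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(?:logins\.json|key4\.db|cookies\.sqlite)$", re.I),
}

# Per-user Startup folder; anything written here executes at the next logon (T1547.001).
STARTUP_RULE = re.compile(r"\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\[^\\]+$", re.I)

# Processes that legitimately own each store. Reads by any other image are the signal
# (assumed allowlist; tune it for password managers or backup agents in your estate).
BROWSER_OWNERS = {"chrome": {"chrome.exe"}, "edge": {"msedge.exe"}, "firefox": {"firefox.exe"}}


def image_name(image_path: str) -> str:
    """Basename of an image path, lower-cased for comparison."""
    return image_path.rsplit("\\", 1)[-1].lower()


def classify(action: str, image: str, target: str) -> list:
    """Return the rule names a single file event trips (empty list if benign)."""
    hits = []
    proc = image_name(image)
    for browser, rule in BROWSER_STORE_RULES.items():
        # Any access to a credential store by a non-browser process is interesting,
        # whatever the action: T1005 (Data from Local System) / T1552.001 (Credentials In Files).
        if rule.search(target) and proc not in BROWSER_OWNERS[browser]:
            hits.append(f"browser_data_read:{browser}")
    if action.lower() in ("write", "create") and STARTUP_RULE.search(target):
        hits.append("startup_folder_drop")
    return hits


def analyze(lines) -> list:
    """Parse 'action|image|target' lines and collect findings as dicts."""
    findings = []
    for line in lines:
        action, image, target = line.split("|", 2)
        for rule in classify(action, image, target):
            findings.append({"rule": rule, "image": image_name(image), "target": target})
    return findings


def summarize(findings) -> Counter:
    """Count findings per rule, the shape a report signature summary takes."""
    return Counter(f["rule"] for f in findings)


# Constructed events (not sandbox output). The dropped binary is named after the
# sample's MD5 only to make the scenario readable; the paths are illustrative.
SAMPLE_EVENTS = [
    r"Read|C:\Users\alice\AppData\Local\Temp\68e2ff114060c1bfc6d2398b860e70b0.exe|C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data",
    r"Read|C:\Program Files\Google\Chrome\Application\chrome.exe|C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data",
    r"Read|C:\Users\alice\AppData\Local\Temp\68e2ff114060c1bfc6d2398b860e70b0.exe|C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default-release\key4.db",
    r"Write|C:\Users\alice\AppData\Local\Temp\68e2ff114060c1bfc6d2398b860e70b0.exe|C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.exe",
    r"Write|C:\Windows\explorer.exe|C:\Users\alice\Documents\notes.txt",
]

if __name__ == "__main__":
    for finding in analyze(SAMPLE_EVENTS):
        print(f"{finding['rule']:28} {finding['image']:45} {finding['target']}")
    print(dict(summarize(analyze(SAMPLE_EVENTS))))
```

The browser rule deliberately ignores the access type: a non-browser process has no business touching `Login Data` or `key4.db` at all, and reading is how stealers harvest them. Chrome reading its own store is suppressed by the owner allowlist, which is where most tuning effort goes in practice.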

MITRE ATT&CK Matrix

Tactic columns: Command and Control, Credential Access, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1
behavioral1: 8/10
behavioral2: 8/10