General

  • Target

    1d11459a92daf9fb1a1031bc6b5e5b6286496067dff4d917b9342488a02c008f

  • Size

    828KB

  • Sample

    210513-25pwzn64ye

  • MD5

    d3204ce088c60d36b2fe1a26483cfd70

  • SHA1

    bc19d859fbfe1e0026de444dcb5db63d1647273f

  • SHA256

    1d11459a92daf9fb1a1031bc6b5e5b6286496067dff4d917b9342488a02c008f

  • SHA512

    8d4d8a6ee61aee7dcb39306c395e02635c4176513f94f63d048843c299c7f7d2c9a90d8740d9f685771adc17930a114c8445cef379e9dceecf89a0856c41c423
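
Before working with a sample pulled from a sandbox report, confirm that the file on disk is the one the report describes. The following is an added example (not code from the report or from the sandbox vendor) that hashes a byte stream once with all four algorithms listed above, checks the listed digests for copy/paste damage, and reports any mismatch. The digests in REPORT_HASHES are copied from this page; the sample bytes used in the demonstration at the bottom are constructed and are not the real 828KB file.

```python
import hashlib
from typing import Dict, Iterable, List

# Digests exactly as listed in the report above. Note that the report's
# "Target" name is the SHA256, which is how this sandbox labels samples.
REPORT_HASHES: Dict[str, str] = {
    "md5": "d3204ce088c60d36b2fe1a26483cfd70",
    "sha1": "bc19d859fbfe1e0026de444dcb5db63d1647273f",
    "sha256": "1d11459a92daf9fb1a1031bc6b5e5b6286496067dff4d917b9342488a02c008f",
    "sha512": "8d4d8a6ee61aee7dcb39306c395e02635c4176513f94f63d048843c299c7f7d2"
              "c9a90d8740d9f685771adc17930a114c8445cef379e9dceecf89a0856c41c423",
}

HEX_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def expected_digests_ok(expected: Dict[str, str]) -> bool:
    """Catch truncated or mistyped digests before comparing anything."""
    for name, n in HEX_LENGTHS.items():
        value = expected.get(name, "").lower()
        if len(value) != n or any(c not in "0123456789abcdef" for c in value):
            return False
    return True


def multi_digest(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Feed each chunk to every hasher so the file is read only once."""
    hashers = {name: hashlib.new(name) for name in HEX_LENGTHS}
    size = 0
    for chunk in chunks:
        size += len(chunk)
        for h in hashers.values():
            h.update(chunk)
    result = {name: h.hexdigest() for name, h in hashers.items()}
    result["size"] = str(size)
    return result


def chunked(data: bytes, chunk_size: int = 1 << 20) -> Iterable[bytes]:
    """Yield fixed-size slices of an in-memory blob (file reads work the same way)."""
    for i in range(0, len(data), chunk_size):
        yield data[i:i + chunk_size]


def verify_sample(data: bytes, expected: Dict[str, str] = REPORT_HASHES) -> Dict[str, object]:
    """Compare all four digests of `data` against the report's values."""
    if not expected_digests_ok(expected):
        raise ValueError("expected digest table is malformed")
    computed = multi_digest(chunked(data))
    mismatches: List[str] = [
        name for name in HEX_LENGTHS if computed[name] != expected[name].lower()
    ]
    return {"ok": not mismatches, "mismatches": mismatches, "computed": computed}


def verify_file(path: str, expected: Dict[str, str] = REPORT_HASHES) -> Dict[str, object]:
    """Same check for a file on disk, streamed in 1 MiB chunks."""
    if not expected_digests_ok(expected):
        raise ValueError("expected digest table is malformed")
    with open(path, "rb") as fh:
        computed = multi_digest(iter(lambda: fh.read(1 << 20), b""))
    mismatches = [name for name in HEX_LENGTHS if computed[name] != expected[name].lower()]
    return {"ok": not mismatches, "mismatches": mismatches, "computed": computed}


# Constructed stand-in for a downloaded sample; it is NOT the file from the report,
# so verifying it against REPORT_HASHES must fail on every algorithm.
FAKE_SAMPLE = b"MZ" + b"\x90" * 62 + b"This program cannot be run in DOS mode.\r\n"

if __name__ == "__main__":
    report = verify_sample(FAKE_SAMPLE)
    print("matches report:", report["ok"], "mismatching digests:", report["mismatches"])
```

A single mismatching digest is enough to reject the file; the function lists all of them so that a partially correct copy (for instance, a report whose MD5 was edited by hand) is visible at a glance.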

Targets

    • Target

      1d11459a92daf9fb1a1031bc6b5e5b6286496067dff4d917b9342488a02c008f

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner. Its presence inside an unrelated executable indicates cryptojacking rather than a legitimate install.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and browsing history.

    • Drops file in System32 directory

      Writing into System32 requires administrative privileges; a file dropped there by a sample is typically used for persistence or to masquerade as a system component.
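
The two behavioural signatures above are the kind that can be reproduced from endpoint telemetry. The block below is an added example, not the sandbox's own signature code: it runs two detection rules over constructed Sysmon-style file events (process image, operation, target path) and tags the browser-profile rule with the ATT&CK v6 IDs the report uses (T1081 and T1005; in current ATT&CK, T1081 has been folded into T1552.001). The allowlists of browser images and of trusted Windows process locations are assumptions for the example and should be tuned to the environment.

```python
import re
from typing import Dict, List

# Profile files that hold credentials, cookies or history for Chrome, Edge and Firefox.
BROWSER_ARTIFACTS = re.compile(
    r"\\AppData\\(Local|Roaming)\\"
    r"(Google\\Chrome|Microsoft\\Edge|Mozilla\\Firefox)\\.*\\"
    r"(Login Data|Cookies|Web Data|History|logins\.json|key4\.db|cookies\.sqlite)$",
    re.IGNORECASE,
)
# Browsers legitimately read their own profiles (assumed allowlist).
BROWSER_IMAGES = {"chrome.exe", "msedge.exe", "firefox.exe"}

SYSTEM32 = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.IGNORECASE)
# Processes whose image lives under the Windows directory are treated as trusted
# writers to System32 (assumption for the example; real installs need a tighter list).
WINDOWS_DIR = re.compile(r"^[A-Z]:\\Windows\\", re.IGNORECASE)


def image_name(path: str) -> str:
    return path.rsplit("\\", 1)[-1].lower()


def classify(event: Dict[str, str]) -> List[Dict[str, object]]:
    """Return zero or more findings for one file event."""
    findings: List[Dict[str, object]] = []
    image, op, target = event["image"], event["op"], event["target"]

    if BROWSER_ARTIFACTS.search(target) and image_name(image) not in BROWSER_IMAGES:
        findings.append({
            "signature": "Reads user/profile data of web browsers",
            "attack": ["T1081", "T1005"],
            "image": image,
            "target": target,
        })

    if op == "Create" and SYSTEM32.match(target) and not WINDOWS_DIR.match(image):
        findings.append({
            "signature": "Drops file in System32 directory",
            "attack": [],
            "image": image,
            "target": target,
        })
    return findings


def scan(events: List[Dict[str, str]]) -> List[Dict[str, object]]:
    return [f for e in events for f in classify(e)]


# Constructed events; the paths are illustrative and not taken from the report.
SAMPLE = r"C:\Users\alice\Downloads\sample.exe"
SAMPLE_EVENTS = [
    {"image": SAMPLE, "op": "Read",
     "target": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"image": r"C:\Program Files\Google\Chrome\Application\chrome.exe", "op": "Read",
     "target": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"image": SAMPLE, "op": "Read",
     "target": r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\x1.default\logins.json"},
    {"image": SAMPLE, "op": "Create", "target": r"C:\Windows\System32\update.dll"},
    {"image": r"C:\Windows\System32\svchost.exe", "op": "Create",
     "target": r"C:\Windows\System32\config\systemprofile\cache.bin"},
    {"image": SAMPLE, "op": "Read", "target": r"C:\Users\alice\Documents\notes.txt"},
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_EVENTS):
        print(hit["signature"], hit["attack"], hit["image"], "->", hit["target"])
```

The browser rule keys on the target file rather than the process, so a renamed or injected stealer is still caught, while the image allowlist keeps the browsers' own profile access out of the results. The System32 rule deliberately ignores reads and only fires on creation by a process running from outside the Windows directory.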

MITRE ATT&CK Matrix (ATT&CK v6)

  • Credential Access

    Credentials in Files (T1081): 1

  • Discovery

    System Information Discovery (T1082): 1

  • Collection

    Data from Local System (T1005): 1
