a310logger

General

Target

newbin.exe
Size

364KB
Sample

210927-t8ga2aheel
MD5

79a97d24433615837251fe141b7174d4
SHA1

6629ebd021eefece2411f6253e2d0b2c7a04d577
SHA256

7603f8e827ab78d5ff15be1b04b9a02821edf3bf90475295e0c7c792bc328f63
SHA512

8906e0699dfa6d71e21896d1b2c72450b78b49c8d2ea6290f00676a632c3ba703817a43b9fef50e6e9838bf176848d146646bdfdbb1dfc63c43b55f36a8f75e8

Score

10^/10

Malware Config

Extracted

Family

blustealer

Credentials

Protocol: smtp
Host:
mail.enche.com
Port:
587
Username:
[email protected]
Password:
Merchandise08012021

Targets

- Target
  
  newbin.exe
- Size
  
  364KB
- MD5
  
  79a97d24433615837251fe141b7174d4
- SHA1
  
  6629ebd021eefece2411f6253e2d0b2c7a04d577
- SHA256
  
  7603f8e827ab78d5ff15be1b04b9a02821edf3bf90475295e0c7c792bc328f63
- SHA512
  
  8906e0699dfa6d71e21896d1b2c72450b78b49c8d2ea6290f00676a632c3ba703817a43b9fef50e6e9838bf176848d146646bdfdbb1dfc63c43b55f36a8f75e8
Score

10^/10

a310logger collection spyware stealer suricata
- A310logger
  A310 Logger is a .NET stealer/logger targeting passwords from browsers and email clients.
  stealer spyware a310logger
- suricata: ET MALWARE a310Logger Stealer Exfil (SMTP)
  suricata: ET MALWARE a310Logger Stealer Exfil (SMTP)
  suricata
- A310logger Executable
- Executes dropped EXE
- Loads dropped DLL
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

3

T1081

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Data from Local System

Email Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

suricata: ET MALWARE a310Logger Stealer Exfil (SMTP)

A310logger Executable

Executes dropped EXE

Loads dropped DLL

Reads local data of messenger clients

Reads user/profile data of web browsers

Accesses Microsoft Outlook profiles

Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2