General

  • Target

    e453c1b908c18881bec40c6ae1e85bf64d12ef84d7a9a704cf957af83252af4e

  • Size

    344KB

  • Sample

    220213-l19zdaafaq

  • MD5

    d689f8eacf3fac2e8d4116bc0af5dad8

  • SHA1

    9b86b2637b44f0608ce4e3552a683feaaa162e4b

  • SHA256

    e453c1b908c18881bec40c6ae1e85bf64d12ef84d7a9a704cf957af83252af4e

  • SHA512

    51bfe014e598efbe919fab94d478467684c1d4c75d10d423ca3742b39f424c3192bd19113f5fac63d2d42d9104ddf792bb6a91ef85e3f564f7b078da5ad28cdd

Malware Config

Targets

    • Target

      e453c1b908c18881bec40c6ae1e85bf64d12ef84d7a9a704cf957af83252af4e

    Score
    10/10

    • Suspicious use of NtCreateProcessExOtherParentProcess

      A process was created through NtCreateProcessEx with a parent-process handle that is not the calling process (parent-PID spoofing). The new process then appears in the process tree as a child of an unrelated, often trusted, process, which hides the true creator from tooling that keys on parent/child relationships.

    • Reads user/profile data of web browsers

      Infostealers routinely harvest stored browser data from the user's profile directories, including saved credentials, cookies and autofill/form data.
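    The two signatures above can be reproduced as simple rules over the sandbox's API trace. The block below is an added example written for this page; it is not Triage's own signature code. The event shape, field names (api, pid, parent_pid, path, access) and the sample trace are constructed assumptions; the file names are the default Chromium-family and Firefox credential, cookie and history stores on Windows.

```python
"""Toy re-implementation of two sandbox signatures over a constructed API trace.

Added example, not Triage's own code. Event shape and field names are assumptions.
"""
import re

# Browser artefacts an infostealer reads: credential, cookie, autofill and history
# stores. Which paths a real "reads browser data" rule checks is an assumption.
BROWSER_DATA_PATTERNS = [
    # Chromium family: <vendor>\User Data\<profile>\{Login Data,Web Data,History,Cookies}
    re.compile(r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)"
               r"\\User Data\\[^\\]+\\(Login Data|Web Data|History|Cookies)$", re.I),
    # Newer Chromium builds keep cookies under <profile>\Network\Cookies
    re.compile(r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)"
               r"\\User Data\\[^\\]+\\Network\\Cookies$", re.I),
    # Firefox: Profiles\<id>.default*\{logins.json,key4.db,cookies.sqlite,places.sqlite}
    re.compile(r"\\Mozilla\\Firefox\\Profiles\\[^\\]+"
               r"\\(logins\.json|key4\.db|cookies\.sqlite|places\.sqlite)$", re.I),
]

# Constructed trace standing in for what a sandbox records; field names are assumptions.
SAMPLE_TRACE = [
    {"api": "NtCreateFile", "pid": 1234, "access": "READ",
     "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"api": "NtCreateFile", "pid": 1234, "access": "READ",
     "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies"},
    {"api": "NtCreateFile", "pid": 1234, "access": "READ",
     "path": r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default-release\logins.json"},
    {"api": "NtCreateFile", "pid": 1234, "access": "READ",
     "path": r"C:\Windows\System32\kernel32.dll"},
    # Parent handle points at another process: parent-PID spoofing.
    {"api": "NtCreateProcessEx", "pid": 1234, "parent_pid": 4321,
     "image": r"C:\Windows\System32\svchost.exe"},
    # Normal case: the caller is the parent.
    {"api": "NtCreateProcessEx", "pid": 1234, "parent_pid": 1234,
     "image": r"C:\Windows\System32\cmd.exe"},
]


def reads_browser_data(trace):
    """Return the browser data stores opened for reading, de-duplicated, in trace order."""
    hits = []
    for ev in trace:
        if ev.get("api") != "NtCreateFile" or "READ" not in ev.get("access", ""):
            continue
        path = ev["path"]
        if path not in hits and any(p.search(path) for p in BROWSER_DATA_PATTERNS):
            hits.append(path)
    return hits


def spoofed_parent_process_creations(trace):
    """Return NtCreateProcessEx calls whose parent is not the calling process.

    CreateProcess passes the caller itself as ParentProcess, so any other parent
    is the PPID-spoofing pattern the signature is named after.
    """
    return [ev for ev in trace
            if ev.get("api") == "NtCreateProcessEx" and ev["parent_pid"] != ev["pid"]]


def matched_signatures(trace):
    """Names of the report's two signatures that fire on this trace."""
    names = []
    if spoofed_parent_process_creations(trace):
        names.append("Suspicious use of NtCreateProcessExOtherParentProcess")
    if reads_browser_data(trace):
        names.append("Reads user/profile data of web browsers")
    return names


if __name__ == "__main__":
    for name in matched_signatures(SAMPLE_TRACE):
        print(name)
    for path in reads_browser_data(SAMPLE_TRACE):
        print("  read:", path)
```

    Note that the file rule keys on the store's path, not on the access succeeding; a stealer that opens Login Data and fails because Chrome holds a lock still fires it, which is the behaviour a sandbox signature wants.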

MITRE ATT&CK Matrix (ATT&CK v6)

    Tactic              Technique                       ID      Hits
    Credential Access   Credentials in Files            T1081   1
    Discovery           Query Registry                  T1012   2
    Discovery           System Information Discovery    T1082   2
    Collection          Data from Local System          T1005   1

    The mapping uses ATT&CK v6 identifiers. T1081 was deprecated in ATT&CK v7 and is now covered by T1552.001 (Unsecured Credentials: Credentials In Files); use that ID when correlating with current ATT&CK-based tooling.

Tasks