Fruit_of_the_ace_v3.11.99.mal

General
Target

Fruit_of_the_ace_v3.11.99.mal

Size

37MB

Sample

220220-wnqp3sbeh6

Score

8/10

MD5

4f709e1c6951bbd65d03a9f44961e0ae

SHA1

b228bc6e3572f714ace26b19b9383691684e18f2

SHA256

f266a09389e628b992560b33d50f91f022a89976cc80fa580cf780c40a74c9fa

SHA512

e1a67c87bbde1b7615d3d8321734d9d4ad7a3a626b8912b27b28f4c2c85ddf85162edc62b40b7cf9377936c2d90b63a9b676a546a1ce50417e4ec32460802e7d

Malware Config
Targets
Target

Fruit_of_the_ace_v3.11.99.mal

Tags

Signatures

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    Tags

    TTPs

    Data from Local System, Credentials in Files

  • Suspicious use of NtSetInformationThreadHideFromDebugger

Related Tasks

MITRE ATT&CK Matrix

  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation

Tasks

static1

behavioral1

8/10