General

  • Target

    WerMgr.exe

  • Size

    191KB

  • Sample

    220419-vmdtfsehcp

  • MD5

    84334d3ff61437deeb3a4a22a22a6929

  • SHA1

    d88cd0f46e8f02e65b04f0a81b169bf9f8b7dedc

  • SHA256

    f9830090b4f92cddd5fcfc37eb596fb883bfd69ba854153c2e3c7d08e09c5f1e

  • SHA512

    7b7613266c6996174d244b8512e98719b7f705b0e9e61236e54f8e01de7d3144455ad3ea5a45747381a7d5b3005bf93017fad4b3cf1699da3adf4fa6f3b60cd4

Malware Config

Targets

    • Arcane log file

      Detects a log file produced by the Arcane Stealer.

    • ArcaneStealer

      Arcane Stealer is a .NET information-stealing malware that is easy to acquire on the dark web.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6

Tasks