d2c7981831fb449e109e9f9787017a275bfe542203ae9eaf8b2e9d5eac5b9488

General
Target

d2c7981831fb449e109e9f9787017a275bfe542203ae9eaf8b2e9d5eac5b9488

Size

5MB

Sample

220520-2q2s1saham

Score

7/10

MD5

c2529e5adae819ad0c9285bae4d27a9a

SHA1

cc066793bd6167243bfd751be82567b150421ca4

SHA256

d2c7981831fb449e109e9f9787017a275bfe542203ae9eaf8b2e9d5eac5b9488

SHA512

dff6d2c871ba42fac7808ae3865b7972815c6d1c9520791c1b7d9412d8dc72dea1dc731d5547b1ee73768710a18f1a09b10ec6a5ea7772af9743ba5201046bbb

Malware Config

Signatures

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    TTPs

    Data from Local System, Credentials in Files

  • Looks up external IP address via web service

    Description

    Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix

  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation

Tasks

  • static1: 3/10
  • behavioral1: 7/10
  • behavioral2: 7/10