General

  • Target: 87a3ce3be0e6413180c6eadc00dd25cb3e1d4005ea888e3bc466352147c1d07a
  • Size: 9.3MB
  • Sample: 220520-gmqlcsche4
  • MD5: 5b9594f2d72d45e2d53d68737b17d609
  • SHA1: abbc989525d5f5dcece681187613b76b16893dc1
  • SHA256: 87a3ce3be0e6413180c6eadc00dd25cb3e1d4005ea888e3bc466352147c1d07a
  • SHA512: 1d32375554be0e37812efd7729e54dcb4b7679e41e28a7c4b6403146dc163c1524a8c767f728026d554e5f9e6a3426d3e13bd12a6d689927aeae38d777642352

Malware Config

Targets

    • Target: 87a3ce3be0e6413180c6eadc00dd25cb3e1d4005ea888e3bc466352147c1d07a

    Score: 7/10

    • Loads dropped DLL
    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.
    • Looks up external IP address via web service
      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Credential Access: Credentials in Files, T1081 (1 signature)
  • Collection: Data from Local System, T1005 (1 signature)

Tasks