7216d996da54630b7e9b7736c146b849f883117f50c570dc907863a9a59178ae

General

Target: 7216d996da54630b7e9b7736c146b849f883117f50c570dc907863a9a59178ae
Size: 6MB
Sample: 220520-gmrhnafhcp
Score: 7/10
MD5: 3df2ba6a7f8cf0bce3bcc13a9b1b55a8
SHA1: d49c0c35479c417991a1c5b5559f0e1cc0c7d107
SHA256: 7216d996da54630b7e9b7736c146b849f883117f50c570dc907863a9a59178ae
SHA512: a4baee5cd3c57221be0d5333305c472eb3e474c5ccf1aa8212c6da49fac1aa9b19161b21a14e5665757261936b307365f6faa9b141d915f1278869cd742b8cb3

Signatures

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Description: Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    TTPs: Data from Local System; Credentials in Files

  • Looks up external IP address via web service

    Description: Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix

Tactic columns: Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1: 3/10
behavioral1: 7/10
behavioral2: 7/10