General

  • Target

    399cc1d48e37c4a6487a92fe29e8bc4e110b45ebe63010a2e84c9ecfe24f2952

  • Size

    194KB

  • Sample

    220520-gndyyschg8

  • MD5

    923169d8b4d1c4f24751b9726d93c1a9

  • SHA1

    c4e191e109f730333f2169d2264f5077ad4daf4a

  • SHA256

    399cc1d48e37c4a6487a92fe29e8bc4e110b45ebe63010a2e84c9ecfe24f2952

  • SHA512

    b72d67172ee844eb2731d3ff3845e6c70d349c733fda4e849c85a1103239d4db654234ec5519430050da3a16c002b0e23cd04c1d7af540f1e17612e25c711c41

Malware Config

Targets

    • Arcane log file

      Detects a log file produced by the Arcane Stealer.

    • ArcaneStealer

      Arcane Stealer is a .NET information-stealing malware that is easy to acquire on the dark web.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6

Tasks