63cb7def296c5d609d3cc8be545b79de02e385937c437e3b7d7b749cce828f49

General
Target

63cb7def296c5d609d3cc8be545b79de02e385937c437e3b7d7b749cce828f49

Size

9MB

Sample

220520-wtzj6sbfd4

Score
7 /10
MD5

0fbcb355e951c62f4120a03408b1f1c0

SHA1

9a5ebc255d9aea0b3da86e10f58dfefb307a7e03

SHA256

63cb7def296c5d609d3cc8be545b79de02e385937c437e3b7d7b749cce828f49

SHA512

b589075924ff1b011597047bd3335b65944f65d5d91c575e26912e28e32184cbb28792a2da265fc5da5870ccf257daab1459ffc306fc3a7434e85d9e866136cb

Malware Config
Targets
Target

63cb7def296c5d609d3cc8be545b79de02e385937c437e3b7d7b749cce828f49

MD5

0fbcb355e951c62f4120a03408b1f1c0

Filesize

9MB

Score
7/10
SHA1

9a5ebc255d9aea0b3da86e10f58dfefb307a7e03

SHA256

63cb7def296c5d609d3cc8be545b79de02e385937c437e3b7d7b749cce828f49

SHA512

b589075924ff1b011597047bd3335b65944f65d5d91c575e26912e28e32184cbb28792a2da265fc5da5870ccf257daab1459ffc306fc3a7434e85d9e866136cb

Tags

Signatures

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    Tags

    TTPs

    Data from Local SystemCredentials in Files
  • Looks up external IP address via web service

    Description

    Uses a legitimate IP lookup service to find the infected system's external IP.

Related Tasks

MITRE ATT&CK Matrix
Command and Control
    Credential Access
    Defense Evasion
      Discovery
        Execution
          Exfiltration
            Impact
              Initial Access
                Lateral Movement
                  Persistence
                    Privilege Escalation
                      Tasks

                      static1

                      3/10

                      behavioral1

                      7/10

                      behavioral2

                      7/10