General

  • Target

    63cb7def296c5d609d3cc8be545b79de02e385937c437e3b7d7b749cce828f49

  • Size

    9.3MB

  • Sample

    220520-wtzj6sbfd4

  • MD5

    0fbcb355e951c62f4120a03408b1f1c0

  • SHA1

    9a5ebc255d9aea0b3da86e10f58dfefb307a7e03

  • SHA256

    63cb7def296c5d609d3cc8be545b79de02e385937c437e3b7d7b749cce828f49

  • SHA512

    b589075924ff1b011597047bd3335b65944f65d5d91c575e26912e28e32184cbb28792a2da265fc5da5870ccf257daab1459ffc306fc3a7434e85d9e866136cb

Malware Config

Targets

    • Target

      63cb7def296c5d609d3cc8be545b79de02e385937c437e3b7d7b749cce828f49

    • Size

      9.3MB

    • MD5

      0fbcb355e951c62f4120a03408b1f1c0

    • SHA1

      9a5ebc255d9aea0b3da86e10f58dfefb307a7e03

    • SHA256

      63cb7def296c5d609d3cc8be545b79de02e385937c437e3b7d7b749cce828f49

    • SHA512

      b589075924ff1b011597047bd3335b65944f65d5d91c575e26912e28e32184cbb28792a2da265fc5da5870ccf257daab1459ffc306fc3a7434e85d9e866136cb

    Score
    7/10
    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix ATT&CK v6

Credential Access

Credentials in Files

1
T1081

Collection

Data from Local System

1
T1005

Tasks