General

  • Target

    49918eabc6909b8c8b28e66bebe9466dcce19ec026a67e10b5d4c19cb2021e86

  • Size

    416KB

  • Sample

    220521-r91d7ahgd4

  • MD5

    93fb446fe69caafcfe3649b957db7fcc

  • SHA1

    983da9ecef17a8362f8b97f4d39f8aac46d0ea49

  • SHA256

    49918eabc6909b8c8b28e66bebe9466dcce19ec026a67e10b5d4c19cb2021e86

  • SHA512

    8869aff50a27a67c72af1aa098fe5f73a2ba36b6b51331fda2ebb4ecc434da80ad57eccdf3566c8941b4dbda7dee84c26d64b0f9b14cb33b8864ef8ea8dcd813

Malware Config

Targets

    • Target

      49918eabc6909b8c8b28e66bebe9466dcce19ec026a67e10b5d4c19cb2021e86

    • Size

      416KB

    • MD5

      93fb446fe69caafcfe3649b957db7fcc

    • SHA1

      983da9ecef17a8362f8b97f4d39f8aac46d0ea49

    • SHA256

      49918eabc6909b8c8b28e66bebe9466dcce19ec026a67e10b5d4c19cb2021e86

    • SHA512

      8869aff50a27a67c72af1aa098fe5f73a2ba36b6b51331fda2ebb4ecc434da80ad57eccdf3566c8941b4dbda7dee84c26d64b0f9b14cb33b8864ef8ea8dcd813

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Matrix ATT&CK v6

Credential Access

Credentials in Files

2
T1081

Discovery

Query Registry

1
T1012

Collection

Data from Local System

2
T1005

Tasks