General

  • Target

    21f4e23bf72d14fe9ac1604e6607d1602c45f98128569b1234da62939cdf883f

  • Size

    407KB

  • Sample

    220521-wgygcadgck

  • MD5

    60930514941fd8da97348108586bd555

  • SHA1

    8ccb7e0300c55ddfac7ef9ae799498dc49fb08ca

  • SHA256

    21f4e23bf72d14fe9ac1604e6607d1602c45f98128569b1234da62939cdf883f

  • SHA512

    4865ee0fb5801a342509aacb8521b037f2df0a829401c02e58072e47510f538bdb92dc331db323a2ed1213c98135707cec32cc2c69a02509c623c1ebe3e9354b

Malware Config

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Credential Access

    T1081 Credentials in Files (2)

  • Discovery

    T1012 Query Registry (1)

  • Collection

    T1005 Data from Local System (2)

Tasks