General

  • Target

    d46707c1b17cb0f0b6d957a92bf277c939d2198f5e4e0ddc51c5647750bfa364

  • Size

    195KB

  • Sample

    220524-dq3tbadga3

  • MD5

    ae3d114fd873837fbafb4053afaaa74d

  • SHA1

    416627a59acd79afa3799d9e6fd97f4648f6c2a7

  • SHA256

    d46707c1b17cb0f0b6d957a92bf277c939d2198f5e4e0ddc51c5647750bfa364

  • SHA512

    9e47bec763dda818cdefd9bd96e16c829590a6fbfacfee22ab1618df916cd7782f33f3f7804d4ca761a47ce33ada7b15a5e0b1d494b6a9f515e7517b930c9cf8

Malware Config

Targets

    • Target

      d46707c1b17cb0f0b6d957a92bf277c939d2198f5e4e0ddc51c5647750bfa364

    • Size

      195KB

    • MD5

      ae3d114fd873837fbafb4053afaaa74d

    • SHA1

      416627a59acd79afa3799d9e6fd97f4648f6c2a7

    • SHA256

      d46707c1b17cb0f0b6d957a92bf277c939d2198f5e4e0ddc51c5647750bfa364

    • SHA512

      9e47bec763dda818cdefd9bd96e16c829590a6fbfacfee22ab1618df916cd7782f33f3f7804d4ca761a47ce33ada7b15a5e0b1d494b6a9f515e7517b930c9cf8

    • Arcane log file

      Detects a log file produced by the Arcane Stealer.

    • ArcaneStealer

      Arcane Stealer is a .Net information-stealing malware that is easy to acquire in the dark web.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v6

Tasks