General

  • Target

    4683b77cc3b81245771df5d1a5a2243f512de486a80d992f31b1c5b060047c54

  • Size

    6.2MB

  • Sample

    220524-rzepqsabfk

  • MD5

    bcaf1499f0d117d3065775b4f787730d

  • SHA1

    901a29a01806b1af773927301fd5077e6aa128e9

  • SHA256

    4683b77cc3b81245771df5d1a5a2243f512de486a80d992f31b1c5b060047c54

  • SHA512

    c7eb3e9b39d664b77c85f862f9b453494a31bc2d487a7dd9ea9d2b48d8dc65db86fa963322206ecdbd6b65e04dd453bda7ee94c75cef06474e888c3dcbaa5d53

Malware Config

Targets

    • Target

      4683b77cc3b81245771df5d1a5a2243f512de486a80d992f31b1c5b060047c54

    • Size

      6.2MB

    • MD5

      bcaf1499f0d117d3065775b4f787730d

    • SHA1

      901a29a01806b1af773927301fd5077e6aa128e9

    • SHA256

      4683b77cc3b81245771df5d1a5a2243f512de486a80d992f31b1c5b060047c54

    • SHA512

      c7eb3e9b39d664b77c85f862f9b453494a31bc2d487a7dd9ea9d2b48d8dc65db86fa963322206ecdbd6b65e04dd453bda7ee94c75cef06474e888c3dcbaa5d53

    Score
    7/10
    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix ATT&CK v6

Credential Access

Credentials in Files

1
T1081

Collection

Data from Local System

1
T1005

Tasks