Resubmissions

  • 16-02-2023 22:48  230216-2q7z2ace24  10
  • 31-08-2022 07:43  220831-jkcb3acfb8  1
  • 29-08-2022 14:00  220829-ray23sbdh9  7

General

  • Target

    CopyrightReport.docx.scr (a .scr screensaver is an ordinary PE executable; the double extension makes it look like a Word document when Explorer hides known extensions)

  • Size

    471.3MB (unusually large for a screensaver executable; padding a PE to hundreds of megabytes is a common trick to exceed the file-size limits of AV scanners and sample-upload portals)

  • Sample

    220829-ray23sbdh9

  • MD5

    1046ef90d5d9ffaeb068209af2ebdf12

  • SHA1

    50823fe7cc7f47cb5adfde3ae25365d43c497a91

  • SHA256

    f8df7a34f17242157f9095b4aa05740c7ea9769bacd766cb1b0eac817a52455b

  • SHA512

    5d3fea9883855208d270c34ef4326854b8887bd038855e0759b0c4be0a34a51a1a4efcc4d14994e84ce987748915d93e0ade3e965b1ca1e20ae41f50bf2d0ceb

  • SSDEEP

    98304:5nh5SyRWXJHazQVs7/2zAAvnkZgE1eqxzQXZFUGMFoZY9TMD:5hdMJHaUV2/XAsqEgqxzUcxoZYy

Malware Config

Targets

    • Target

      CopyrightReport.docx.scr

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate software installed on the system.

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic             Technique                ID     Signatures
  Credential Access  Credentials in Files     T1081  2
  Discovery          Query Registry           T1012  1
  Collection         Data from Local System   T1005  2

  Note: these are ATT&CK v6 identifiers. In current ATT&CK, Credentials in Files is the sub-technique T1552.001 (Unsecured Credentials: Credentials In Files); T1012 and T1005 are unchanged.
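The three behaviour signatures above, and the way they roll up into the ATT&CK matrix, can be reproduced offline from a sandbox event log. The script below is an added example and is not the sandbox's own signature engine: it assumes a hypothetical "<event type>|<path or registry key>" log format, uses constructed sample events (browser profile reads, wallet reads, Uninstall key queries, plus two benign events that must not fire), and maps each signature to the same ATT&CK v6 technique ids the report shows, so the per-technique counts come out as 2 / 1 / 2.

```python
"""Re-derive behaviour signatures and an ATT&CK matrix from sandbox events.
Added example; the event format, paths and signature rules are assumptions."""
import re
from collections import Counter

# Constructed sample events (not taken from the report). Two benign lines are
# included to check that the rules do not fire on ordinary activity.
SAMPLE_EVENTS = """\
file_read|C:\\Users\\victim\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data
file_read|C:\\Users\\victim\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Network\\Cookies
file_read|C:\\Users\\victim\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\k2x9q.default-release\\logins.json
file_read|C:\\Users\\victim\\AppData\\Roaming\\Exodus\\exodus.wallet\\seed.seco
file_read|C:\\Users\\victim\\AppData\\Roaming\\Electrum\\wallets\\default_wallet
reg_query|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{E1A2B3C4-0000-4000-8000-000000000001}
reg_query|HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall
file_read|C:\\Users\\victim\\Documents\\CopyrightReport.docx
reg_query|HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run
"""

# Signature -> event types it applies to, path regexes (matched against the
# normalised path) and the ATT&CK v6 techniques it maps to. The browser and
# wallet signatures each count under both Credential Access and Collection,
# which is what yields the 2 / 1 / 2 figures in the report's matrix.
SIGNATURES = {
    "Reads user/profile data of web browsers": {
        "events": {"file_read"},
        "patterns": [
            r"/google/chrome/user data/[^/]+/(network/)?(login data|cookies|web data)$",
            r"/mozilla/firefox/profiles/[^/]+/(logins\.json|key[34]\.db|cookies\.sqlite)$",
        ],
        "attack": [("Credential Access", "T1081", "Credentials in Files"),
                   ("Collection", "T1005", "Data from Local System")],
    },
    "Accesses cryptocurrency files/wallets, possible credential harvesting": {
        "events": {"file_read"},
        "patterns": [r"/exodus/exodus\.wallet/", r"/electrum/wallets/",
                     r"/bitcoin/wallet\.dat$"],
        "attack": [("Credential Access", "T1081", "Credentials in Files"),
                   ("Collection", "T1005", "Data from Local System")],
    },
    "Checks installed software on the system": {
        "events": {"reg_query"},
        "patterns": [r"^hk(lm|cu)/software/(wow6432node/)?microsoft/windows/"
                     r"currentversion/uninstall(/|$)"],
        "attack": [("Discovery", "T1012", "Query Registry")],
    },
}


def normalise(path):
    """Lower-case and forward-slash a Windows path or registry key so the
    regexes are case- and separator-insensitive."""
    return path.replace("\\", "/").lower()


def parse_events(text):
    """Parse the assumed '<event>|<target>' log format into (event, target)."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        kind, _, target = line.partition("|")
        events.append((kind.strip(), target.strip()))
    return events


def match_signatures(events):
    """Return {signature name: [raw targets that triggered it]}."""
    hits = {}
    for kind, target in events:
        norm = normalise(target)
        for name, sig in SIGNATURES.items():
            if kind in sig["events"] and any(re.search(p, norm) for p in sig["patterns"]):
                hits.setdefault(name, []).append(target)
    return hits


def attack_matrix(hits):
    """Count, per ATT&CK technique, how many distinct signatures mapped to it."""
    counts = Counter()
    for name in hits:
        for technique in SIGNATURES[name]["attack"]:
            counts[technique] += 1
    return dict(counts)


if __name__ == "__main__":
    hits = match_signatures(parse_events(SAMPLE_EVENTS))
    for name, targets in hits.items():
        print(f"[+] {name}")
        for t in targets:
            print(f"      {t}")
    for (tactic, tid, tname), n in sorted(attack_matrix(hits).items()):
        print(f"{tactic:18} {tname:24} {tid}  {n}")
```

The patterns are deliberately narrow (specific credential stores and wallet directories rather than whole profile folders) so that a benign read of a user's documents, or a query of the Run key, does not trip a credential-access verdict; when adapting this to a real event feed, the rule set and the log format are the parts to replace.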