General

  • Size

    277KB

  • Sample

    220923-g4dm5ahcfk

  • MD5

    7662155bc833d532311c0f38f27afbe4

  • SHA1

    6c2c93cf2a075232765b9d987b265262221e4af8

  • SHA256

    0d6b09a12fbd4549687911861b6d5713c195f207a67785240699ec14795b5406

  • SHA512

    2480c94700a72547b569b17c2fb86e6c76fee939f1ab2d29af783601b927438140c2e959a093f6bda117095e21a94b4d10e1fe2ba9126c8b38ed421b1ddba9e1

Malware Config

Targets

    • Target

      0d6b09a12fbd4549687911861b6d5713c195f207a67785240699ec14795b5406

    • Size

      277KB

    • MD5

      7662155bc833d532311c0f38f27afbe4

    • SHA1

      6c2c93cf2a075232765b9d987b265262221e4af8

    • SHA256

      0d6b09a12fbd4549687911861b6d5713c195f207a67785240699ec14795b5406

    • SHA512

      2480c94700a72547b569b17c2fb86e6c76fee939f1ab2d29af783601b927438140c2e959a093f6bda117095e21a94b4d10e1fe2ba9126c8b38ed421b1ddba9e1

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Matrix

Command and Control

    Credential Access

    Defense Evasion

      Discovery

      Execution

        Exfiltration

          Impact

            Initial Access

              Lateral Movement

                Persistence

                  Privilege Escalation