General
Target: 36a851f66225a2a17b500bb8d5a4cb85.bin
Size: 1MB
Sample: 230123-km7reseb8z
MD5: b515463e503ed72242f2e8a5dea354d7
SHA1: 2ca0fed5aee354c7d636c59bb8744d0cea8237f6
SHA256: 06d98cffd272ec3f3968a1157ff2e2ce82c9c0c6aff3440455e214b8f0ca738c
SHA512: 92fdce89bf7cc25e6dab10255ed935cb1b82b60d4a6d5f278f9c36610ef00990d82c9a419115ad91b0739a0aee06757178e3f6101d6d0784be015fc9cd2f78e3
SSDEEP: 49152:LftcITSAgaDTmm3Wz2iiSYRmMnyktfkx8wdnS1rdSAw:LlcASLaH4CUEyVvdQrdk
Behavioral task: behavioral1
Sample: 22dc8f285c6a295d04d819bbcf8b2a9921536d28b40e15bdec32c9b02e44865e.exe
Resource: win7-20220812-en
Malware Config
Targets
Target: 22dc8f285c6a295d04d819bbcf8b2a9921536d28b40e15bdec32c9b02e44865e.exe
Size: 3MB
MD5: 36a851f66225a2a17b500bb8d5a4cb85
SHA1: 32aa1bba16dfe77644885fccd488d6d67da06c77
SHA256: 22dc8f285c6a295d04d819bbcf8b2a9921536d28b40e15bdec32c9b02e44865e
SHA512: 647e32ef94d48d067f3fc93789fb6dd425dc2acb7bc0757f7e4460a5602c9eaefa878f7555f219e77b10a1b1ced3a1ea7db42225b6af0be17b99a138a1a73165
SSDEEP: 98304:b/E8A4wD6rM9DvlBYtA8mqMYE/T/GoTG6ri5l7+FZAeWqIq7P7CbM5zD6sILTjbV:g3T/md5h+tP9i4osI3jhMSN
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation