General
Target: bab67db0b4ba0b9e11d4a97bde527f04cc46eaae7720a2568edac11a0c612285
Size: 835KB
Sample: 230308-hw6vdaea61
MD5: c6c71e9efadc684612a0e42bf73c6200
SHA1: a27929527512d078821572be43f5d9fe2cdac924
SHA256: bab67db0b4ba0b9e11d4a97bde527f04cc46eaae7720a2568edac11a0c612285
SHA512: 8d1b331865dd6212c1d1168a1f73bf38c84da71b31fa0d947df6cfbfd0f71216ceb9f68deaff8316d039824f4654b63570a13e1f6d401745d2d4b992f6fea512
SSDEEP: 12288:VyRRh8q57UtXe+fU6JNlR2k69j7fruorRzLsTzOuN6F7ZY6S7g/m7PHZ/52dpSaL:k6+Rz6OuN6nLSgg/GdpjA/0u4fh
Static task: static1
Behavioral task: behavioral1
Sample: bab67db0b4ba0b9e11d4a97bde527f04cc46eaae7720a2568edac11a0c612285.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: bab67db0b4ba0b9e11d4a97bde527f04cc46eaae7720a2568edac11a0c612285.exe
Resource: win10-20230220-en
Malware Config
Targets
Target: bab67db0b4ba0b9e11d4a97bde527f04cc46eaae7720a2568edac11a0c612285
Score: 7/10
Accesses Microsoft Outlook profiles
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.