General

  • Target

    73624ae2b5f9c832e8f71ff90cc73ea7c3c34ff7813fb1181659dc1202493ebc.zip

  • Size

    708KB

  • Sample

    230308-nhc8ssfd9s

  • MD5

    614f5104528d2aec8864c8181f7c47c4

  • SHA1

    ccbcb2a762f95137670f741fff21d1ed18635d7d

  • SHA256

    58fff4a924b57f8b24dbb173a284c0aafcd02e059430821df21467da42821175

  • SHA512

    c4f89c7bfcf5f86edfbdddb8aa4546f0e41520acd3e1f57dde1de3f9dde88421a58daedec6d350a74e41b352d966e04b8d3875cde19246f7c3deaf81c854208d

  • SSDEEP

    12288:036jEIQ0SK5TU6kvIii504AvZ/GEgwgGJkG9YKwvdXz2qyAz73auWhbQmE:E6jEB4TU6YIdLAvqwgG2G9YddXjV33lD

Score
8/10

Malware Config

Targets

    • Target

      73624ae2b5f9c832e8f71ff90cc73ea7c3c34ff7813fb1181659dc1202493ebc.exe

    • Size

      901KB

    • MD5

      63897474afd6771fcdc9ef3493edb0b6

    • SHA1

      2bfebbe064739a51e0971db115c9a5b592bc8332

    • SHA256

      73624ae2b5f9c832e8f71ff90cc73ea7c3c34ff7813fb1181659dc1202493ebc

    • SHA512

      7e16c343c9c4daa4d522b1f476f0c2be426a2e086d6bfbb6a83c6907072cd67c901ae1f9acf271a6fed9940b07e7038e0663ae5bcbf5c475fa2becf99b6429df

    • SSDEEP

      12288:en7Wy8ptDBiyJwRgPtqcLhnu6+BsNHSyCXvpltbyJJygiBH8VHATX:0Wy8pt1iywgLL0TJy4yJJVM
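
Before detonating or pivoting on a copy of this sample, confirm the local artifact is the one analysed. The script below is an added example, not part of the report or of the sandbox's own tooling: it streams the file once, computes all four digests the report lists, compares them case-insensitively, and checks the convention visible above that the executable is named after its own SHA-256. The digest values are copied from the report; the command-line usage and file path are assumptions.

```python
import hashlib
import ntpath
from typing import Dict, Iterable, Iterator, Tuple

# Digests copied from the report for the inner executable.
REPORT_HASHES: Dict[str, str] = {
    "md5": "63897474afd6771fcdc9ef3493edb0b6",
    "sha1": "2bfebbe064739a51e0971db115c9a5b592bc8332",
    "sha256": "73624ae2b5f9c832e8f71ff90cc73ea7c3c34ff7813fb1181659dc1202493ebc",
    "sha512": "7e16c343c9c4daa4d522b1f476f0c2be426a2e086d6bfbb6a83c6907072cd67c901ae1f9acf271a6fed9940b07e7038e0663ae5bcbf5c475fa2becf99b6429df",
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digests(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Feed every chunk to all four hashers so the file is read only once."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def file_chunks(path: str, size: int = 1 << 20) -> Iterator[bytes]:
    """Stream a file in 1 MiB pieces; samples need not fit in memory."""
    with open(path, "rb") as f:
        while True:
            chunk = f.read(size)
            if not chunk:
                return
            yield chunk


def verify(computed: Dict[str, str], expected: Dict[str, str]) -> Dict[str, Tuple[str, str]]:
    """Return {algorithm: (expected, actual)} for each mismatch; an empty dict is a clean match.
    Hex casing differs between reports, so compare case-insensitively."""
    mismatches: Dict[str, Tuple[str, str]] = {}
    for name, want in expected.items():
        if name in computed and computed[name].lower() != want.lower():
            mismatches[name] = (want.lower(), computed[name].lower())
    return mismatches


def name_matches_sha256(filename: str, sha256: str) -> bool:
    """Sandboxes commonly name artifacts after their SHA-256; check the stem against the digest."""
    stem, _ = ntpath.splitext(ntpath.basename(filename))
    return stem.lower() == sha256.lower()


if __name__ == "__main__":
    import sys
    # Hypothetical usage: python verify_sample.py <path to the extracted .exe>
    computed = digests(file_chunks(sys.argv[1]))
    bad = verify(computed, REPORT_HASHES)
    print("match" if not bad else f"MISMATCH: {bad}")
    print("filename is SHA-256:", name_matches_sha256(sys.argv[1], REPORT_HASHES["sha256"]))
```

SSDEEP is left out on purpose: the fuzzy hash needs the external `ssdeep` library and is for similarity pivoting, not identity, so it should not be part of an exact-match check.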

    Score
    8/10

    • Blocklisted process makes network request

    • Loads dropped DLL

      The process loaded a DLL that it had itself written to disk during the run, a common way for packed or staged samples to bring in their real payload.

    • Reads user/profile data of web browsers

      Infostealers routinely harvest stored browser data, which can include saved credentials, cookies, session tokens and autofill entries.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites another thread's register set, including its instruction pointer. Legitimate software rarely needs it outside debuggers, and it is a hallmark of process hollowing and thread hijacking, so treat it together with any suspended process creation and remote memory writes seen in the same run.
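
The four behavioural signatures listed above are what a sandbox derives from an API trace. As an added example that is not the sandbox's own rule set, the code below re-implements them over a constructed trace: a sample (pid 1000) drops and loads a DLL, reads a Chrome Login Data file, creates a child suspended, writes into it, sets its thread context, resumes it, and the child then connects out. The event schema, API names, the blocklist of commonly abused binaries, and every path and PID are assumptions made for the example.

```python
import ntpath
from typing import Dict, List, Tuple

CREATE_SUSPENDED = 0x00000004  # CreateProcess dwCreationFlags bit

# Assumed blocklist: signed system binaries that should not originate network traffic on their own.
BLOCKLISTED_IMAGES = {"regsvr32.exe", "mshta.exe", "rundll32.exe", "regasm.exe", "installutil.exe"}
BROWSER_PROFILE_DIRS = ("\\google\\chrome\\user data\\", "\\microsoft\\edge\\user data\\",
                        "\\mozilla\\firefox\\profiles\\")
BROWSER_SECRET_FILES = {"login data", "cookies", "web data", "logins.json", "key4.db", "cookies.sqlite"}

Event = Dict[str, object]
Hit = Tuple[str, int, str]  # (signature name, pid that triggered it, detail)

# Constructed trace; pid 1000 is the sample, pid 2000 a child it created suspended.
TRACE: List[Event] = [
    {"pid": 1000, "api": "NtWriteFile", "path": r"C:\Users\user\AppData\Local\Temp\nsx1.tmp\System.dll"},
    {"pid": 1000, "api": "LdrLoadDll", "path": r"C:\Users\user\AppData\Local\Temp\nsx1.tmp\System.dll"},
    {"pid": 1000, "api": "NtReadFile",
     "path": r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"pid": 1000, "api": "CreateProcessW", "path": r"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe",
     "flags": CREATE_SUSPENDED, "child_pid": 2000},
    {"pid": 1000, "api": "NtWriteVirtualMemory", "target_pid": 2000},
    {"pid": 1000, "api": "SetThreadContext", "target_pid": 2000},
    {"pid": 1000, "api": "NtResumeThread", "target_pid": 2000},
    {"pid": 2000, "api": "connect", "dst": "203.0.113.5:443"},
]


def is_browser_secret(path: str) -> bool:
    """True for credential/cookie stores inside a known browser profile directory."""
    low = path.lower()
    return any(d in low for d in BROWSER_PROFILE_DIRS) and ntpath.basename(low) in BROWSER_SECRET_FILES


def run_signatures(trace: List[Event]) -> List[Hit]:
    """Single forward pass; state is kept so later events can be judged against earlier ones."""
    hits: List[Hit] = []
    written = set()                 # paths the sample wrote to disk
    image_of: Dict[int, str] = {}   # pid -> image basename for processes created in-trace
    suspended = set()               # children created with CREATE_SUSPENDED
    injected = set()                # pids that received a cross-process memory write
    for ev in trace:
        pid, api = int(ev["pid"]), str(ev["api"])
        path = str(ev.get("path", ""))
        target = ev.get("target_pid")
        if api == "NtWriteFile":
            written.add(path.lower())
        elif api == "LdrLoadDll" and path.lower() in written:
            hits.append(("Loads dropped DLL", pid, path))
        elif api == "NtReadFile" and is_browser_secret(path):
            hits.append(("Reads user/profile data of web browsers", pid, path))
        elif api == "CreateProcessW":
            child = int(ev["child_pid"])
            image_of[child] = ntpath.basename(path).lower()
            if int(ev.get("flags", 0)) & CREATE_SUSPENDED:
                suspended.add(child)
        elif api == "NtWriteVirtualMemory" and target is not None and target != pid:
            injected.add(int(target))
        elif api == "SetThreadContext" and target is not None and target != pid:
            detail = "cross-process SetThreadContext"
            if target in suspended and target in injected:
                detail = "hollowing chain: CREATE_SUSPENDED -> WriteVirtualMemory -> SetThreadContext"
            hits.append(("Suspicious use of SetThreadContext", pid, detail))
        elif api in ("connect", "InternetOpenUrlW", "WinHttpSendRequest") \
                and image_of.get(pid) in BLOCKLISTED_IMAGES:
            hits.append(("Blocklisted process makes network request", pid,
                         f"{image_of[pid]} -> {ev.get('dst', '')}"))
    return hits


if __name__ == "__main__":
    for name, pid, detail in run_signatures(TRACE):
        print(f"[{pid}] {name}: {detail}")
```

The SetThreadContext rule fires on any cross-process call, but it only reports the hollowing chain when the target was created suspended and written to first; keeping that distinction in the detail string is what lets an analyst separate a debugger-like one-off from the full injection pattern.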

MITRE ATT&CK Enterprise v6

Tasks