Overview

overview

7

Static

static

1

VESSEL PAR...RS.exe

windows7-x64

7

VESSEL PAR...RS.exe

windows10-2004-x64

7

Resubmissions

22/03/2023, 16:27

230322-tyg5ksaa66 5

08/03/2023, 15:25

230308-stl3asad3y 7

Sharing

Copy URL Twitter E-mail

General

  • Target

    VESSEL PARTICULARS.exe

  • Size

    1.5MB

  • Sample

    230308-stl3asad3y

  • MD5

    24f2bf961c5ebc9007ba75b6f029388b

  • SHA1

    69a709244389e702c8a31f72c1f1e05459efde16

  • SHA256

    af28704c38179bcfb8bc5757baede2655bf3737d74f28ea28f27c4c7c40f44cc

  • SHA512

    364296ecfef84b79a4a1abb8abf279e7a7915df08e1c53b4d4398ec9bbd2c74976b35744f578b9ac3316762c64b8cb617b7e40821f4ed54a572dd4fd13d00dcc

  • SSDEEP

    24576:xa/5u61x/7UyezBAStv7Zmv1OpK/Exl1Oh8z4zIKx/GuHa7pp/gfWSfko/O6nVh:y7/wyCdtucK/Ex/EgMIKxOuHKcko/5

Score
7/10
collectionspywarestealer

Malware Config

Targets

    • Target

      VESSEL PARTICULARS.exe

    • Size

      1.5MB

    • MD5

      24f2bf961c5ebc9007ba75b6f029388b

    • SHA1

      69a709244389e702c8a31f72c1f1e05459efde16

    • SHA256

      af28704c38179bcfb8bc5757baede2655bf3737d74f28ea28f27c4c7c40f44cc

    • SHA512

      364296ecfef84b79a4a1abb8abf279e7a7915df08e1c53b4d4398ec9bbd2c74976b35744f578b9ac3316762c64b8cb617b7e40821f4ed54a572dd4fd13d00dcc

    • SSDEEP

      24576:xa/5u61x/7UyezBAStv7Zmv1OpK/Exl1Oh8z4zIKx/GuHa7pp/gfWSfko/O6nVh:y7/wyCdtucK/Ex/EgMIKxOuHKcko/5

    Score
    7/10
    collectionspywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks