General

  • Target

    Ofepari_ct.exe

  • Size

    230KB

  • Sample

    231004-tcxm5sch5x

  • MD5

    c55569ef6fcf3608aa4e328549085fb6

  • SHA1

    fea1b19b30ca3cdd73080098d2a76bd11e9d4266

  • SHA256

    c18fb59b7cd6b7bb35bff64f646b39979bf42143097d40950e72b3dbde1b6e4f

  • SHA512

    6df8fe4698cf3cf10e4153e35cd172322ef7d3f74f870414b2248a09c086d83a4750e360c5dac230f5220b150b198df5f78445def86dd0a3396192a5237f0358

  • SSDEEP

    6144:h/yJnrNsp6+xCCPfWQORHyAT2lMtAIGh074D8yf:Jy5r6p6oZPfWQORHfTc83Gh0sD8yf

Targets

    • Phemedrone

      An information and wallet stealer written in C#.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
