General

  • Target

    a2b67a646410e2cc28d317dcc062ad158f03be2639db5efec993fcdb3886de1a

  • Size

    1.4MB

  • Sample

    231016-19nj3afh8v

  • MD5

    a6f75b1e5f8b4265869f7e5bdcaa3314

  • SHA1

    b4bedd3e71ef041c399413e6bcdd03db37d80d2f

  • SHA256

    a2b67a646410e2cc28d317dcc062ad158f03be2639db5efec993fcdb3886de1a

  • SHA512

    53c8bcbc89df212277a9c63d322b03faf273cc133177205b1c2179db7c5e13a16db6d1ad800baf7b44e9f48291786f065f741f62521ae3df99fa488f2fbaf952

  • SSDEEP

    24576:m1W8VSHsqxNkHROM62DbJByw9mgIkBKMAyisV5+n2n3dcCwSl/JRFIvx:W3SMAAlVD+w9RIk0MA1sEOcCbl/Jsx

Malware Config

Targets

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, which infostealers often target.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Credential Access

    Unsecured Credentials (T1552): 3

    Credentials In Files (T1552.001): 3

  • Discovery

    Query Registry (T1012): 1

  • Collection

    Data from Local System (T1005): 3

Tasks