General

  • Target

    1127f9f9ecf644ce673c211e185e648c.exe

  • Size

    153KB

  • Sample

    240105-n4wx2abcdk

  • MD5

    1127f9f9ecf644ce673c211e185e648c

  • SHA1

    a6432449b6302f1fb132dc4e4de31ebfbf64c64e

  • SHA256

    239525c06bd5b287d65fc971a2cab16f92c4fbca5f47969aff1e397eef9fe155

  • SHA512

    03951559b5f24b5576f85bf39471c2b0b6f70dcc2e4b8672082a1856539e97930705efc4696fbadcd0639284007aa2b060a21b3897074773feb867859dec76a1

  • SSDEEP

    3072:oSxI4Va2xhvCSs2gP5PFme+DOwHfEQ6yyF5vtRcbhYqZMo:o8FFs2S5tmH1sjVJI9Q

Malware Config

Targets

    • Target

      1127f9f9ecf644ce673c211e185e648c.exe

    • Size

      153KB

    • MD5

      1127f9f9ecf644ce673c211e185e648c

    • SHA1

      a6432449b6302f1fb132dc4e4de31ebfbf64c64e

    • SHA256

      239525c06bd5b287d65fc971a2cab16f92c4fbca5f47969aff1e397eef9fe155

    • SHA512

      03951559b5f24b5576f85bf39471c2b0b6f70dcc2e4b8672082a1856539e97930705efc4696fbadcd0639284007aa2b060a21b3897074773feb867859dec76a1

    • SSDEEP

      3072:oSxI4Va2xhvCSs2gP5PFme+DOwHfEQ6yyF5vtRcbhYqZMo:o8FFs2S5tmH1sjVJI9Q

    • 44Caliber

      An open source infostealer written in C#.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks