General

  • Target

    Azure_external.V1.exe

  • Size

    16.1MB

  • Sample

    240407-zb4myseb74

  • MD5

    742c52fad0929077e00e3ce255ad4e3a

  • SHA1

    f33c9e37bc981ed2a7fa0e16599f18dbf6104c9b

  • SHA256

    05930004fafd21dbe0ef223953155be26b84e2abf35f1916c718be6a0b657255

  • SHA512

    bb8f8ef3641d0e116765e4cf5e89b7b22e0273a8b2c87759ebd3c2f0031a08c14dc5cbb1e8cd5e8323857ba82873804163bc8f5d3f518cbaa8e1b3265a0694a8

  • SSDEEP

    393216:pEkZgf8JjgP8AxYDX1+TtIiFGuvB5IjWqn6eCz1ZPYrS5x+32Kda:pRbJjbX71QtIZS3ILn6ewK32Kda

Malware Config

Targets

    • Target

      Azure_external.V1.exe

    • Size

      16.1MB

    • MD5

      742c52fad0929077e00e3ce255ad4e3a

    • SHA1

      f33c9e37bc981ed2a7fa0e16599f18dbf6104c9b

    • SHA256

      05930004fafd21dbe0ef223953155be26b84e2abf35f1916c718be6a0b657255

    • SHA512

      bb8f8ef3641d0e116765e4cf5e89b7b22e0273a8b2c87759ebd3c2f0031a08c14dc5cbb1e8cd5e8323857ba82873804163bc8f5d3f518cbaa8e1b3265a0694a8

    • SSDEEP

      393216:pEkZgf8JjgP8AxYDX1+TtIiFGuvB5IjWqn6eCz1ZPYrS5x+32Kda:pRbJjbX71QtIZS3ILn6ewK32Kda

    • Score

      7/10

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      creal.pyc

    • Size

      64KB

    • MD5

      3e713cb6c4046483cf5628154ab009e9

    • SHA1

      2beb55fbed6ee76c560e3679bd12856624932097

    • SHA256

      5dc51c79342e699ac9ac8e05b288f81cc56b7e67e398f98222d12f653d144ae8

    • SHA512

      51d1db3bc18d125ca7fdffe7a7c992d4653af79f50c690bca95a8a345bf03fd10114f364e62d5fb6acd97ef784879decefe42d3b77fb20b8cc7c83e0505e73d7

    • SSDEEP

      1536:7TrQe+0Ql9pObo8BHWftXASFW08VAeOR2es:7TOYbo8B2VXASNMAeORk

    • Score

      3/10

MITRE ATT&CK Enterprise v15

Tasks