General

  • Target: IpGrabber.exe
  • Size: 10.0MB
  • Sample: 240510-n1ybpacg4v
  • MD5: c418a64be8d4453beaae0b401a1e3f29
  • SHA1: 30664a6caf525d323d9af465e1c843961f17f210
  • SHA256: 33e8ba234199ca3f20610a059f996bc6adb53d62c42a2fb73654dae909abbb2f
  • SHA512: 0a996b04f9b9d5f951878b97c2a574c762ec98ab5374ae3ade3316763921fc138d4ff5e79cbfa812d1fd41450fddd90d8eaea73e416fd40db20fc256ce158167
  • SSDEEP: 196608:MWosu7axzed71ibP5ddQmRrdA6lbuErSEEJwdFt1L3SGYP1ZosPf:VnxzKcPjdQOlb+9JIiGE5

Malware Config

Targets

    Score: 7/10

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive profile data.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP address.

MITRE ATT&CK Enterprise v15

Tasks