General

  • Target

    CONSCIOUSexternal_v1.3.exe

  • Size

    16.3MB

  • Sample

    240511-jbk8lsgc92

  • MD5

    813671f7eb0d43da9d4d41e4b7452135

  • SHA1

    bbc114df0ef4aac22d30f256c328ce7026274cdb

  • SHA256

    5801792fac28dd7c901f4dea7a77b7a81697a7dbcf4f324dbe5bc3d44664fa8e

  • SHA512

    4c9d21be2a02397ed2264b24eac2f0344ac1ab45a84ea3bbb7b2035f8307a987ee082d93ac5fc97360911e1032ae5439425908f5f1e6068a70b7e466849f5f16

  • SSDEEP

    393216:X4wEkcqc4gP8AxYDX1+TtIiFvY9Z8D8Ccl6lnDE0PKksbtKo:X4wkz4bX71QtI6a8DZcIlDskwKo

Malware Config

Targets

    • Target

      CONSCIOUSexternal_v1.3.exe

    • Size

      16.3MB

    • MD5

      813671f7eb0d43da9d4d41e4b7452135

    • SHA1

      bbc114df0ef4aac22d30f256c328ce7026274cdb

    • SHA256

      5801792fac28dd7c901f4dea7a77b7a81697a7dbcf4f324dbe5bc3d44664fa8e

    • SHA512

      4c9d21be2a02397ed2264b24eac2f0344ac1ab45a84ea3bbb7b2035f8307a987ee082d93ac5fc97360911e1032ae5439425908f5f1e6068a70b7e466849f5f16

    • SSDEEP

      393216:X4wEkcqc4gP8AxYDX1+TtIiFvY9Z8D8Ccl6lnDE0PKksbtKo:X4wkz4bX71QtI6a8DZcIlDskwKo

    Score
    7/10
    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks