General

  • Target

    Proccess Hacker 2 CR4CK.exe

  • Size

    101.3MB

  • Sample

    240529-wmjkdace6z

  • MD5

    f3b1ad7007b460b14e4e01c437560dff

  • SHA1

    ca9c20f7289d0c2e7d95da7759012dee646b811c

  • SHA256

    a324ba529466e4a0edfe4ffe8f455c6744bfad675441e43675f6a5e4b7c1956d

  • SHA512

    1fdbe0f7167b4fc9ac3a09189f038786ce21a738c01dd39754f4fb6ced6fbf303c744b0a14fa60e9fecf40a6821ea6104894a4b99aac278a0ee0d2ca322b01aa

  • SSDEEP

    3145728:tUqgYRPSC++6y9Jk62t/VG6RmtCRlGPrcW2qHO5iVf6jUI:aqxaC4y9On5mERluAOHCixuU

Targets

    • Target

      Proccess Hacker 2 CR4CK.exe

    • Size

      101.3MB

    Score
    7/10
    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

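Added example, not the sandbox's own signature code: a small, stateful re-implementation of three of the behaviour signatures listed above, run over a constructed process trace. The event schema, the process IDs and paths in the trace, and the list of IP-lookup hostnames are assumptions made for this example; the only thing taken from the page is the sample's filename and the signature names.

```python
"""
Re-implementation of three sandbox behaviour signatures over a constructed
trace. Not Tria.ge code; event schema, trace contents and host list are
assumptions made for this example.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Chromium-family profile artefacts that hold saved logins, cookies and history.
CHROMIUM_DATA_RE = re.compile(
    r"\\(?:Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\"
    r"(?:Local State|[^\\]+\\(?:Login Data|Cookies|Network\\Cookies|Web Data|History))$",
    re.IGNORECASE,
)
# Firefox equivalents: logins.json plus key4.db decrypt to plaintext credentials.
FIREFOX_DATA_RE = re.compile(
    r"\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(?:logins\.json|key4\.db|cookies\.sqlite)$",
    re.IGNORECASE,
)
# Browsers legitimately read their own profile; any other image doing so is suspect.
BROWSER_IMAGES = {"chrome.exe", "msedge.exe", "brave.exe", "firefox.exe"}
# Assumed list of public "what is my IP" services; extend from your own telemetry.
IP_LOOKUP_HOSTS = {
    "api.ipify.org", "ipinfo.io", "ip-api.com", "icanhazip.com",
    "ifconfig.me", "checkip.amazonaws.com",
}

SIG_DROPPED_DLL = "Loads dropped DLL"
SIG_BROWSER_DATA = "Reads user/profile data of web browsers"
SIG_EXTERNAL_IP = "Looks up external IP address via web service"


@dataclass(frozen=True)
class Event:
    """One normalised sandbox event (assumed schema). op is write | read | load_image | dns."""
    pid: int
    image: str
    op: str
    target: str  # file path for write/read/load_image, hostname for dns


def run_signatures(events: list[Event]) -> dict[str, list[Event]]:
    """Return {signature name: [triggering events]} for the given trace."""
    hits: dict[str, list[Event]] = {}
    dropped: set[tuple[int, str]] = set()  # (pid, lowercased path) of DLLs the process wrote
    for ev in events:
        target = ev.target.lower()
        if ev.op == "write" and target.endswith(".dll"):
            dropped.add((ev.pid, target))
        elif ev.op == "load_image" and (ev.pid, target) in dropped:
            # "Loads dropped DLL": the process maps a DLL it wrote earlier in the trace.
            hits.setdefault(SIG_DROPPED_DLL, []).append(ev)
        elif (
            ev.op == "read"
            and ev.image.lower() not in BROWSER_IMAGES
            and (CHROMIUM_DATA_RE.search(ev.target) or FIREFOX_DATA_RE.search(ev.target))
        ):
            hits.setdefault(SIG_BROWSER_DATA, []).append(ev)
        elif ev.op == "dns" and target in IP_LOOKUP_HOSTS:
            hits.setdefault(SIG_EXTERNAL_IP, []).append(ev)
    return hits


# Constructed trace for the sample named on this page; pids and paths are invented.
SAMPLE = "Proccess Hacker 2 CR4CK.exe"
SAMPLE_TRACE = [
    Event(4120, SAMPLE, "write", r"C:\Users\bob\AppData\Local\Temp\helper.dll"),
    Event(4120, SAMPLE, "load_image", r"C:\Windows\System32\kernel32.dll"),  # system DLL: benign
    Event(4120, SAMPLE, "load_image", r"C:\Users\bob\AppData\Local\Temp\helper.dll"),
    Event(2211, "chrome.exe", "read", r"C:\Users\bob\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    Event(4120, SAMPLE, "read", r"C:\Users\bob\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    Event(4120, SAMPLE, "read", r"C:\Users\bob\AppData\Roaming\Mozilla\Firefox\Profiles\x1.default\logins.json"),
    Event(4120, SAMPLE, "dns", "api.ipify.org"),
]


def triage(events: list[Event] = SAMPLE_TRACE) -> list[str]:
    """Signature names that fired, in the order the report lists them."""
    hits = run_signatures(events)
    return [s for s in (SIG_DROPPED_DLL, SIG_BROWSER_DATA, SIG_EXTERNAL_IP) if s in hits]


if __name__ == "__main__":
    for name, evs in run_signatures(SAMPLE_TRACE).items():
        print(f"{name}: {len(evs)} event(s)")
```

The dropped-DLL rule is the one worth copying: it keys on (pid, path) so a load of a DLL written by a different process, or of a system DLL, does not fire, while the browser-data rule deliberately excludes the browsers themselves so that ordinary profile access by chrome.exe is not reported.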
MITRE ATT&CK Enterprise v15