General

  • Target

    FlazeAllV1.exe

  • Size

    20.0MB

  • Sample

    240605-wc9c2sdc8t

  • MD5

    6ef1499851e7f3c2c832716ee14fe54a

  • SHA1

    06922c2148f10f2579b15235dfd668d78ff80f53

  • SHA256

    82096f816cf0825c119c9b58d1ffad32f78bed20a8ca76ed287370abe2921260

  • SHA512

    d26adb173415a3d5c0404d8683c5427b8cbf48802bf54af0850e5aa9f7860c5c394aba7a8e0b260511f429623bfba7931a9cb70f4952003e200fc80151d7839c

  • SSDEEP

    393216:dcEkZQtsumL01+l+uq+Vvz1+TtIiFqCuARuAQhFXmbarkEWL60gMv86C:dchQtsD01+l+uqgvz1QtI1CuAgh8aAEB

Malware Config

Targets

    • Target

      FlazeAllV1.exe

    • Score

      7/10

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks