General

  • Target

    d9d9b943acbbe0394122d68a5ac5919f.bin

  • Size

    19KB

  • Sample

    240612-dh59gazarr

  • MD5

    bb3ca3b6be47e45cd84894164fa3351d

  • SHA1

    0d0c188b8923910f01a054316fc922971d2ccef7

  • SHA256

    3245df95e81766a7cec5a73402e41f94622ac1957c6cc9412a4468dd48a0af6c

  • SHA512

    0232cfdeba460491a1de2d53540a7c312c62b7e86e46cd4f8b21c591fbcdc3b7e9ba328334fc83ee97c0e5e8be874c5265da89fc535649ecf30eeb1e0e5c4307

  • SSDEEP

    384:w/LaFvklO/F9yqEt1CGkcrj0XuWvQkSyibgph61nWvGiR4bmSbDK:w/LaF8Yd2Ylcqolyyg61LiR4XDK

Targets

    • Target

      92e0a7687dbabbecadf58d3f706e383909637c8ea4b0f49824f4c3929ff53435.exe

    • Size

      55KB

    • MD5

      d9d9b943acbbe0394122d68a5ac5919f

    • SHA1

      1befa767e5ae1f06658563cee6520bb7598999aa

    • SHA256

      92e0a7687dbabbecadf58d3f706e383909637c8ea4b0f49824f4c3929ff53435

    • SHA512

      3ccf9b9050c878f60abeaae5b08b57e631b05d110d70f27788aa7d286e22d7ca40ea4575fb69ef09d305348b529bbfbe8a39a9307b57aa4397595e5a1b2f4780

    • SSDEEP

      1536:6/BsBQBWHVuH4yB9OIBABttaAOeXc5aX2r8I:6/BsBQByV0vB9OIBABttaAOQQeI

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, such as saved credentials.

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
