General

  • Target

    cada223faa617fb038a5d6040d6bbe318a8d6a455377fbc5362ad82f0b741e2e.exe

  • Size

    17.3MB

  • Sample

    240618-xble9sthpa

  • MD5

    7277b2e269528fb20d6d2681be354b93

  • SHA1

    7b4fc67e2938ae5c707162e2f06521bfc1719b23

  • SHA256

    cada223faa617fb038a5d6040d6bbe318a8d6a455377fbc5362ad82f0b741e2e

  • SHA512

    0fe9a64e488f501b4558e352a06aaf5ce9dab61192fd21926d73404b9dba2c6a2f6ecaedcac9abbc8a37552ba3c79e02c9457aee8262ab03dbbd42f89ca6cfce

  • SSDEEP

    393216:gyYTEkZgf84gP8AxYDX1+TtIiFGuvB5IjWqn6e+NPz1Xy2XUd+da:GTRb4bX71QtIZS3ILn6e+7yv+da

Targets

    • Target

      cada223faa617fb038a5d6040d6bbe318a8d6a455377fbc5362ad82f0b741e2e.exe

    Score: 7/10

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15