General

  • Target

    46981450158247813495.exe

  • Size

    10.2MB

  • Sample

    240619-t49rsaybpj

  • MD5

    fbde56b60792f22e09337e1933044e92

  • SHA1

    31fa6dae10a47784a7b58c7b5e0ff611efe41252

  • SHA256

    b96733033e9a7299beda126e16ea430fca6ff07c813aee87ba0bb7f64c1c8b1e

  • SHA512

    31da2bfa72d6f1db6612fffd9425dacef91ddd9ab7ff844c7cc3169cf52842b0b8b7c93cea956ada699f2c309849ec4833fc64f91a2c0165cb8fc733f9dd3722

  • SSDEEP

    196608:Xu2zIOvEkYcY6gIoBA1HeT39Iigwh1ncKOVVtc97bTFtQjCjK5JWU:+2z1vEkYc4q1+TtIiFv0VQx3F63P/

Malware Config

Targets

    Score
    7/10
    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks